Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 02.02.2015, 09:40   #1
formelphotos
 
Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser - Standard

Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser



Seit einigen Tagen kommt alle paar Minuten hörbar Werbung (Axe, Sensodyne, etc.) oder für ein paar Sekunden Musik, und zwar auch nachdem der Browser und alle anderen Programme geschlossen wurden.
Nachdem ich Eure Tipps und Anleitungen gelesen habe wurden von mir alle Schritte abgearbeitet. Als erstes wurde von mir ein kompletter Alvira-Scan durchgeführt der auch etwas gefunden hat, allerdings wurde nicht alles gefundene" entfernt.
Ich bin mir nicht sicher ob das Problem dadurch behoben wurde und habe anschließend die von Euch beschriebenen weiteren Schritte durchgeführt.

Alvira-Scan:
Code:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Sonntag, 01. Februar 2015  16:59


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira Antivirus Free
Seriennummer   : 0000149996-AVHOE-0000001
Plattform      : Windows 7 Professional
Windowsversion : (Service Pack 1)  [6.1.7601]
Boot Modus     : Normal gebootet
Benutzername   : SYSTEM
Computername   : DIRK-PC

Versionsinformationen:
BUILD.DAT      : 14.0.7.468     91859 Bytes  24.11.2014 10:23:00
AVSCAN.EXE     : 14.0.7.462   1015544 Bytes  09.12.2014 09:56:20
AVSCANRC.DLL   : 14.0.7.308     64304 Bytes  06.11.2014 09:35:05
LUKE.DLL       : 14.0.7.462     60664 Bytes  09.12.2014 09:56:26
AVSCPLR.DLL    : 14.0.7.440     93488 Bytes  09.12.2014 09:56:20
REPAIR.DLL     : 14.0.7.412    366328 Bytes  09.12.2014 09:56:19
REPAIR.RDF     : 1.0.4.40      695717 Bytes  30.01.2015 09:34:36
AVREG.DLL      : 14.0.7.310    264952 Bytes  06.11.2014 09:35:04
AVLODE.DLL     : 14.0.7.440    561456 Bytes  09.12.2014 09:56:19
AVLODE.RDF     : 14.0.4.54      78895 Bytes  05.12.2014 16:00:29
XBV00014.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:02
XBV00015.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:02
XBV00016.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:02
XBV00017.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:02
XBV00018.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:02
XBV00019.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:02
XBV00020.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:02
XBV00021.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:02
XBV00022.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:02
XBV00023.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:02
XBV00024.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:02
XBV00025.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:02
XBV00026.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:02
XBV00027.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:02
XBV00028.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:02
XBV00029.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:02
XBV00030.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:03
XBV00031.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:03
XBV00032.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:03
XBV00033.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:03
XBV00034.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:03
XBV00035.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:03
XBV00036.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:03
XBV00037.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:03
XBV00038.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:03
XBV00039.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:03
XBV00040.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:03
XBV00041.VDF   : 8.11.165.190     2048 Bytes  07.08.2014 11:27:03
XBV00192.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00193.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00194.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00195.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00196.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00197.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00198.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00199.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00200.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00201.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00202.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00203.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00204.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00205.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00206.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00207.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00208.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00209.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00210.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00211.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00212.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00213.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:29
XBV00214.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00215.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00216.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00217.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00218.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00219.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00220.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00221.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00222.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00223.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00224.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00225.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00226.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00227.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00228.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00229.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00230.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00231.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00232.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00233.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00234.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00235.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00236.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00237.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00238.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00239.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00240.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00241.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:30
XBV00242.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:31
XBV00243.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:31
XBV00244.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:31
XBV00245.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:31
XBV00246.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:31
XBV00247.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:31
XBV00248.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:31
XBV00249.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:31
XBV00250.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:31
XBV00251.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:31
XBV00252.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:31
XBV00253.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:31
XBV00254.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:31
XBV00255.VDF   : 8.11.201.28     2048 Bytes  14.01.2015 14:53:31
XBV00000.VDF   : 7.11.70.0   66736640 Bytes  04.04.2013 08:32:58
XBV00001.VDF   : 7.11.74.226  2201600 Bytes  30.04.2013 08:32:58
XBV00002.VDF   : 7.11.80.60   2751488 Bytes  28.05.2013 08:32:58
XBV00003.VDF   : 7.11.85.214  2162688 Bytes  21.06.2013 08:32:58
XBV00004.VDF   : 7.11.91.176  3903488 Bytes  23.07.2013 08:32:58
XBV00005.VDF   : 7.11.98.186  6822912 Bytes  29.08.2013 08:32:58
XBV00006.VDF   : 7.11.139.38 15708672 Bytes  27.03.2014 17:20:22
XBV00007.VDF   : 7.11.152.100  4193792 Bytes  02.06.2014 11:40:26
XBV00008.VDF   : 8.11.165.192  4251136 Bytes  07.08.2014 11:27:02
XBV00009.VDF   : 8.11.172.30  2094080 Bytes  15.09.2014 11:16:50
XBV00010.VDF   : 8.11.178.32  1581056 Bytes  14.10.2014 13:53:26
XBV00011.VDF   : 8.11.184.50  2178560 Bytes  11.11.2014 12:45:44
XBV00012.VDF   : 8.11.190.32  1876992 Bytes  03.12.2014 11:21:38
XBV00013.VDF   : 8.11.201.28  2973696 Bytes  14.01.2015 14:53:23
XBV00042.VDF   : 8.11.201.52    20992 Bytes  14.01.2015 14:53:23
XBV00043.VDF   : 8.11.201.74     2048 Bytes  14.01.2015 14:53:23
XBV00044.VDF   : 8.11.201.100    13824 Bytes  14.01.2015 21:32:26
XBV00045.VDF   : 8.11.201.124     4608 Bytes  14.01.2015 05:10:05
XBV00046.VDF   : 8.11.201.126     8704 Bytes  15.01.2015 21:04:37
XBV00047.VDF   : 8.11.201.128     2048 Bytes  15.01.2015 21:04:38
XBV00048.VDF   : 8.11.201.132    13824 Bytes  15.01.2015 21:04:38
XBV00049.VDF   : 8.11.201.134     9216 Bytes  15.01.2015 21:04:38
XBV00050.VDF   : 8.11.201.136    26112 Bytes  15.01.2015 21:04:38
XBV00051.VDF   : 8.11.201.138     2048 Bytes  15.01.2015 21:04:38
XBV00052.VDF   : 8.11.201.142    40960 Bytes  15.01.2015 10:07:27
XBV00053.VDF   : 8.11.201.144     5120 Bytes  15.01.2015 10:07:27
XBV00054.VDF   : 8.11.201.148    20992 Bytes  16.01.2015 10:07:27
XBV00055.VDF   : 8.11.201.150     8192 Bytes  16.01.2015 10:07:27
XBV00056.VDF   : 8.11.201.152     9728 Bytes  16.01.2015 16:07:26
XBV00057.VDF   : 8.11.201.154    12288 Bytes  16.01.2015 16:07:26
XBV00058.VDF   : 8.11.201.176    50176 Bytes  16.01.2015 16:07:26
XBV00059.VDF   : 8.11.201.196     2048 Bytes  16.01.2015 16:07:26
XBV00060.VDF   : 8.11.201.216     2048 Bytes  16.01.2015 16:07:26
XBV00061.VDF   : 8.11.201.236    27648 Bytes  16.01.2015 22:08:25
XBV00062.VDF   : 8.11.201.238     2048 Bytes  16.01.2015 22:08:25
XBV00063.VDF   : 8.11.202.4     13312 Bytes  16.01.2015 22:08:25
XBV00064.VDF   : 8.11.202.6      2048 Bytes  16.01.2015 22:08:25
XBV00065.VDF   : 8.11.202.26     3584 Bytes  16.01.2015 11:06:53
XBV00066.VDF   : 8.11.202.28     3584 Bytes  17.01.2015 11:06:53
XBV00067.VDF   : 8.11.202.32    53760 Bytes  17.01.2015 11:06:54
XBV00068.VDF   : 8.11.202.34    16896 Bytes  17.01.2015 17:06:49
XBV00069.VDF   : 8.11.202.36     2048 Bytes  17.01.2015 17:06:49
XBV00070.VDF   : 8.11.202.56    14336 Bytes  17.01.2015 17:06:49
XBV00071.VDF   : 8.11.202.76   124416 Bytes  18.01.2015 16:21:59
XBV00072.VDF   : 8.11.202.78     2048 Bytes  18.01.2015 16:21:59
XBV00073.VDF   : 8.11.202.98    30720 Bytes  18.01.2015 16:21:59
XBV00074.VDF   : 8.11.202.118    27648 Bytes  18.01.2015 16:21:59
XBV00075.VDF   : 8.11.202.136    94720 Bytes  19.01.2015 09:23:09
XBV00076.VDF   : 8.11.202.170     2048 Bytes  19.01.2015 09:23:09
XBV00077.VDF   : 8.11.202.188    19968 Bytes  19.01.2015 09:23:09
XBV00078.VDF   : 8.11.202.206     2048 Bytes  19.01.2015 09:23:09
XBV00079.VDF   : 8.11.202.224    27136 Bytes  19.01.2015 15:22:52
XBV00080.VDF   : 8.11.202.226    17408 Bytes  19.01.2015 15:22:52
XBV00081.VDF   : 8.11.202.238    38400 Bytes  19.01.2015 02:09:32
XBV00082.VDF   : 8.11.203.0     56832 Bytes  19.01.2015 02:09:32
XBV00083.VDF   : 8.11.203.20    28672 Bytes  19.01.2015 02:09:32
XBV00084.VDF   : 8.11.203.36    12800 Bytes  19.01.2015 02:09:32
XBV00085.VDF   : 8.11.203.54    57856 Bytes  20.01.2015 08:09:33
XBV00086.VDF   : 8.11.203.58     2048 Bytes  20.01.2015 08:09:33
XBV00087.VDF   : 8.11.203.74    22016 Bytes  20.01.2015 08:09:33
XBV00088.VDF   : 8.11.203.90    11776 Bytes  20.01.2015 14:09:31
XBV00089.VDF   : 8.11.203.106    10240 Bytes  20.01.2015 14:09:31
XBV00090.VDF   : 8.11.203.122     7680 Bytes  20.01.2015 14:09:31
XBV00091.VDF   : 8.11.203.138    13312 Bytes  20.01.2015 14:09:31
XBV00092.VDF   : 8.11.203.142    61952 Bytes  20.01.2015 07:44:50
XBV00093.VDF   : 8.11.203.144     2048 Bytes  20.01.2015 07:44:50
XBV00094.VDF   : 8.11.203.148    39424 Bytes  20.01.2015 07:44:50
XBV00095.VDF   : 8.11.203.152     2048 Bytes  20.01.2015 07:44:50
XBV00096.VDF   : 8.11.203.156     2048 Bytes  20.01.2015 07:44:50
XBV00097.VDF   : 8.11.203.158    18944 Bytes  20.01.2015 07:44:50
XBV00098.VDF   : 8.11.203.160    13824 Bytes  21.01.2015 07:44:50
XBV00099.VDF   : 8.11.203.176    44544 Bytes  21.01.2015 07:44:50
XBV00100.VDF   : 8.11.203.190    12800 Bytes  21.01.2015 15:22:15
XBV00101.VDF   : 8.11.203.204    13824 Bytes  21.01.2015 15:22:15
XBV00102.VDF   : 8.11.203.218    13824 Bytes  21.01.2015 15:22:15
XBV00103.VDF   : 8.11.203.220     2048 Bytes  21.01.2015 15:22:15
XBV00104.VDF   : 8.11.203.222    22016 Bytes  21.01.2015 15:22:15
XBV00105.VDF   : 8.11.203.224     2048 Bytes  21.01.2015 06:16:02
XBV00106.VDF   : 8.11.203.230    47104 Bytes  21.01.2015 06:16:02
XBV00107.VDF   : 8.11.203.244     7680 Bytes  21.01.2015 06:16:02
XBV00108.VDF   : 8.11.204.2      2048 Bytes  21.01.2015 06:16:02
XBV00109.VDF   : 8.11.204.16    26112 Bytes  21.01.2015 06:16:02
XBV00110.VDF   : 8.11.204.18    14336 Bytes  21.01.2015 06:16:02
XBV00111.VDF   : 8.11.204.32    14336 Bytes  22.01.2015 06:16:02
XBV00112.VDF   : 8.11.204.48    58368 Bytes  22.01.2015 07:33:53
XBV00113.VDF   : 8.11.204.50     2048 Bytes  22.01.2015 07:33:53
XBV00114.VDF   : 8.11.204.64    52736 Bytes  22.01.2015 07:40:25
XBV00115.VDF   : 8.11.204.76     2048 Bytes  22.01.2015 07:40:25
XBV00116.VDF   : 8.11.204.88     2048 Bytes  22.01.2015 07:40:25
XBV00117.VDF   : 8.11.204.102     2048 Bytes  22.01.2015 07:40:25
XBV00118.VDF   : 8.11.204.114     2048 Bytes  22.01.2015 07:40:25
XBV00119.VDF   : 8.11.204.126    51712 Bytes  22.01.2015 07:40:25
XBV00120.VDF   : 8.11.204.142    41472 Bytes  22.01.2015 07:40:25
XBV00121.VDF   : 8.11.204.154    12288 Bytes  22.01.2015 07:40:25
XBV00122.VDF   : 8.11.204.158    38400 Bytes  23.01.2015 07:40:25
XBV00123.VDF   : 8.11.204.170     2048 Bytes  23.01.2015 07:40:25
XBV00124.VDF   : 8.11.204.182    33280 Bytes  23.01.2015 14:45:14
XBV00125.VDF   : 8.11.204.194     8192 Bytes  23.01.2015 14:45:14
XBV00126.VDF   : 8.11.204.206     3072 Bytes  23.01.2015 14:45:14
XBV00127.VDF   : 8.11.204.208    20480 Bytes  23.01.2015 20:50:07
XBV00128.VDF   : 8.11.204.214     3584 Bytes  23.01.2015 03:15:07
XBV00129.VDF   : 8.11.204.218     4608 Bytes  23.01.2015 03:15:07
XBV00130.VDF   : 8.11.204.220     4608 Bytes  24.01.2015 03:15:07
XBV00131.VDF   : 8.11.204.224    47104 Bytes  24.01.2015 16:04:37
XBV00132.VDF   : 8.11.204.238    35840 Bytes  24.01.2015 16:04:37
XBV00133.VDF   : 8.11.204.248     2048 Bytes  24.01.2015 16:04:37
XBV00134.VDF   : 8.11.205.2    103936 Bytes  25.01.2015 21:23:10
XBV00135.VDF   : 8.11.205.14    30208 Bytes  25.01.2015 21:23:10
XBV00136.VDF   : 8.11.205.24    90112 Bytes  26.01.2015 09:52:13
XBV00137.VDF   : 8.11.205.34     2048 Bytes  26.01.2015 09:52:13
XBV00138.VDF   : 8.11.205.44     8704 Bytes  26.01.2015 09:52:14
XBV00139.VDF   : 8.11.205.54     9216 Bytes  26.01.2015 09:52:14
XBV00140.VDF   : 8.11.205.64    10240 Bytes  26.01.2015 15:52:09
XBV00141.VDF   : 8.11.205.66     7168 Bytes  26.01.2015 15:52:09
XBV00142.VDF   : 8.11.205.68     2048 Bytes  26.01.2015 15:52:09
XBV00143.VDF   : 8.11.205.76    82944 Bytes  26.01.2015 03:34:23
XBV00144.VDF   : 8.11.205.78     2048 Bytes  26.01.2015 03:34:23
XBV00145.VDF   : 8.11.205.90    14848 Bytes  26.01.2015 03:34:23
XBV00146.VDF   : 8.11.205.100    20992 Bytes  27.01.2015 09:34:24
XBV00147.VDF   : 8.11.205.108     8704 Bytes  27.01.2015 09:34:24
XBV00148.VDF   : 8.11.205.116    11264 Bytes  27.01.2015 09:34:24
XBV00149.VDF   : 8.11.205.118     6144 Bytes  27.01.2015 09:34:24
XBV00150.VDF   : 8.11.205.120    11264 Bytes  27.01.2015 15:34:30
XBV00151.VDF   : 8.11.205.122    15872 Bytes  27.01.2015 15:34:30
XBV00152.VDF   : 8.11.205.126    22528 Bytes  27.01.2015 06:24:40
XBV00153.VDF   : 8.11.205.128     3072 Bytes  27.01.2015 06:24:40
XBV00154.VDF   : 8.11.205.134     7168 Bytes  27.01.2015 06:24:40
XBV00155.VDF   : 8.11.205.140     2048 Bytes  27.01.2015 06:24:40
XBV00156.VDF   : 8.11.205.142    25600 Bytes  27.01.2015 06:24:40
XBV00157.VDF   : 8.11.205.146    45568 Bytes  28.01.2015 06:24:40
XBV00158.VDF   : 8.11.205.154    11264 Bytes  28.01.2015 12:25:16
XBV00159.VDF   : 8.11.205.162    14848 Bytes  28.01.2015 12:25:16
XBV00160.VDF   : 8.11.205.170     8704 Bytes  28.01.2015 12:25:16
XBV00161.VDF   : 8.11.205.178    12800 Bytes  28.01.2015 12:25:16
XBV00162.VDF   : 8.11.205.182    77824 Bytes  28.01.2015 04:54:26
XBV00163.VDF   : 8.11.205.184     2560 Bytes  28.01.2015 04:54:26
XBV00164.VDF   : 8.11.205.192    22528 Bytes  28.01.2015 04:54:26
XBV00165.VDF   : 8.11.205.200    20992 Bytes  28.01.2015 04:54:26
XBV00166.VDF   : 8.11.205.208    24576 Bytes  29.01.2015 10:54:26
XBV00167.VDF   : 8.11.205.214     2048 Bytes  29.01.2015 10:54:26
XBV00168.VDF   : 8.11.205.218    37376 Bytes  29.01.2015 20:51:38
XBV00169.VDF   : 8.11.205.220     2048 Bytes  29.01.2015 20:51:39
XBV00170.VDF   : 8.11.205.224    68096 Bytes  29.01.2015 03:34:24
XBV00171.VDF   : 8.11.205.228     2048 Bytes  29.01.2015 03:34:24
XBV00172.VDF   : 8.11.205.230     2048 Bytes  29.01.2015 03:34:24
XBV00173.VDF   : 8.11.205.232     2048 Bytes  29.01.2015 03:34:24
XBV00174.VDF   : 8.11.205.234    33280 Bytes  29.01.2015 03:34:24
XBV00175.VDF   : 8.11.205.236     2048 Bytes  29.01.2015 03:34:25
XBV00176.VDF   : 8.11.205.240    35840 Bytes  30.01.2015 09:34:36
XBV00177.VDF   : 8.11.205.246     2048 Bytes  30.01.2015 09:34:36
XBV00178.VDF   : 8.11.205.254    38912 Bytes  30.01.2015 15:34:24
XBV00179.VDF   : 8.11.206.0      2048 Bytes  30.01.2015 15:34:24
XBV00180.VDF   : 8.11.206.26    50688 Bytes  30.01.2015 07:51:12
XBV00181.VDF   : 8.11.206.42    15872 Bytes  30.01.2015 07:51:12
XBV00182.VDF   : 8.11.206.44     3072 Bytes  30.01.2015 07:51:12
XBV00183.VDF   : 8.11.206.52     6656 Bytes  31.01.2015 07:51:12
XBV00184.VDF   : 8.11.206.62    29184 Bytes  31.01.2015 13:51:05
XBV00185.VDF   : 8.11.206.64    20480 Bytes  31.01.2015 13:51:05
XBV00186.VDF   : 8.11.206.66    27648 Bytes  31.01.2015 23:10:16
XBV00187.VDF   : 8.11.206.68     2048 Bytes  31.01.2015 23:10:16
XBV00188.VDF   : 8.11.206.76    86016 Bytes  01.02.2015 15:06:27
XBV00189.VDF   : 8.11.206.84     2048 Bytes  01.02.2015 15:06:27
XBV00190.VDF   : 8.11.206.92    16384 Bytes  01.02.2015 15:06:27
XBV00191.VDF   : 8.11.206.100    20992 Bytes  01.02.2015 15:06:27
LOCAL001.VDF   : 8.11.206.100 121265152 Bytes  01.02.2015 15:08:55
Engineversion  : 8.3.28.14 
AEVDF.DLL      : 8.3.1.6       133992 Bytes  20.08.2014 13:56:02
AESCRIPT.DLL   : 8.2.2.52      551792 Bytes  29.01.2015 20:51:38
AESCN.DLL      : 8.3.2.2       139456 Bytes  21.07.2014 12:03:18
AESBX.DLL      : 8.2.20.24    1409224 Bytes  08.05.2014 17:51:49
AERDL.DLL      : 8.2.1.16      743328 Bytes  29.10.2014 14:54:10
AEPACK.DLL     : 8.4.0.58      789360 Bytes  16.01.2015 16:07:26
AEOFFICE.DLL   : 8.3.1.10      351088 Bytes  16.01.2015 16:07:26
AEMOBILE.DLL   : 8.1.2.0       277360 Bytes  16.12.2014 16:58:34
AEHEUR.DLL     : 8.1.4.1506   8079272 Bytes  29.01.2015 20:51:38
AEHELP.DLL     : 8.3.1.0       278728 Bytes  29.05.2014 06:48:14
AEGEN.DLL      : 8.1.7.40      456608 Bytes  19.12.2014 15:17:20
AEEXP.DLL      : 8.4.2.48      252776 Bytes  25.11.2014 13:32:55
AEEMU.DLL      : 8.1.3.4       399264 Bytes  07.08.2014 17:27:10
AEDROID.DLL    : 8.4.3.6       850800 Bytes  16.12.2014 16:58:34
AECORE.DLL     : 8.3.4.0       243624 Bytes  16.12.2014 16:58:34
AEBB.DLL       : 8.1.2.0        60448 Bytes  07.08.2014 17:27:10
AVWINLL.DLL    : 14.0.7.308     25904 Bytes  06.11.2014 09:35:03
AVPREF.DLL     : 14.0.7.308     52016 Bytes  06.11.2014 09:35:04
AVREP.DLL      : 14.0.7.308    220976 Bytes  06.11.2014 09:35:05
AVARKT.DLL     : 14.0.7.308    227632 Bytes  06.11.2014 09:35:03
AVEVTLOG.DLL   : 14.0.7.440    184112 Bytes  09.12.2014 09:56:19
SQLITE3.DLL    : 14.0.7.308    453936 Bytes  06.11.2014 09:35:19
AVSMTP.DLL     : 14.0.7.308     79096 Bytes  06.11.2014 09:35:05
NETNT.DLL      : 14.0.7.308     15152 Bytes  06.11.2014 09:35:17
RCIMAGE.DLL    : 14.0.7.308   4865328 Bytes  06.11.2014 09:35:03
RCTEXT.DLL     : 14.0.7.318     77048 Bytes  06.11.2014 09:35:03

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, 
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Sonntag, 01. Februar 2015  16:59

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:, D:)'
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.
Eine Instanz der ARK Library läuft bereits.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'atiesrxx.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '102' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '121' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '160' Modul(e) wurden durchsucht
Durchsuche Prozess 'STacSV64.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'Hpservice.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'atieclxx.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'AESTSr64.exe' - '8' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '142' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'mDNSResponder.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'HWDeviceService64.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'ouc.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '207' Modul(e) wurden durchsucht
Durchsuche Prozess 'DCSHelper.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'sttray64.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPEnh.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'iCloudServices.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'ApplePhotoStreams.exe' - '119' Modul(e) wurden durchsucht
Durchsuche Prozess 'SYNTPHELPER.EXE' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '117' Modul(e) wurden durchsucht
Durchsuche Prozess 'pdf24.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'iTunesHelper.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.Systray.exe' - '129' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.ServiceHost.exe' - '128' Modul(e) wurden durchsucht
Durchsuche Prozess 'iPodService.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '116' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'APSDaemon.exe' - '87' Modul(e) wurden durchsucht
Durchsuche Prozess 'LiveUpd.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'jucheck.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'inetstat.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'IEXPLORE.EXE' - '132' Modul(e) wurden durchsucht
Durchsuche Prozess 'ctfmon.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'iexplore.exe' - '128' Modul(e) wurden durchsucht
Durchsuche Prozess 'UI0Detect.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '186' Modul(e) wurden durchsucht
Durchsuche Prozess 'iexplore.exe' - '130' Modul(e) wurden durchsucht
Durchsuche Prozess 'MsSpellCheckingFacility.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'thunderbird.exe' - '130' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '139' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '132' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '116' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '32' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '3403' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <Basis-Dirk>
Beginne mit der Suche in 'D:\' <Daten-Dirk>
    [0] Archivtyp: RSRC
    --> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe
        [1] Archivtyp: RSRC
      --> C:\Program Files (x86)\Trojan Remover\Trjscan.exe
          [2] Archivtyp: RSRC
        --> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe
            [3] Archivtyp: RSRC
          --> C:\Users\Dirk\Downloads\trjsetup691.exe
              [4] Archivtyp: Inno Setup
            --> D:\11-Homepages\Templates-und-Module\Sonstige-Templates\Qualify.zip
                [5] Archivtyp: ZIP
              --> Qualify/html/com_content/archive/function.php
                  [FUND]      Enthält verdächtigen Code: HEUR/Infected.WebPage.Gen
                  [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden
D:\11-Homepages\Templates-und-Module\Sonstige-Templates\Qualify.zip
  [FUND]      Enthält verdächtigen Code: HEUR/Infected.WebPage.Gen

Beginne mit der Desinfektion:
D:\11-Homepages\Templates-und-Module\Sonstige-Templates\Qualify.zip
  [FUND]      Enthält verdächtigen Code: HEUR/Infected.WebPage.Gen
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5068d453.qua' verschoben!


Ende des Suchlaufs: Sonntag, 01. Februar 2015  19:27
Benötigte Zeit:  2:08:13 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

  37917 Verzeichnisse wurden überprüft
 771570 Dateien wurden geprüft
      2 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      1 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 771568 Dateien ohne Befall
   6317 Archive wurden durchsucht
      1 Warnungen
      1 Hinweise
         
-----
Defogger-Log, kein Neustart erforderlich gewesen:
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:42 on 01/02/2015 (Dirk)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
---
----

FRST:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Dirk (administrator) on DIRK-PC on 01-02-2015 19:45:12
Running from C:\Users\Dirk\Desktop
Loaded Profiles: Dirk (Available profiles: Dirk)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2014-02-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1791856 2014-10-16] (Simply Super Software)
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\Run: [InetStat] => C:\Users\Dirk\AppData\Roaming\InetStat\inetstat.exe [777230 2015-01-27] ()
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil64_16_0_0_287_ActiveX.exe -update activex
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\MountPoints2: {81f495d1-da99-11e3-aa2a-00238be6d5f7} - F:\AutoRun.exe
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\MountPoints2: {81f495de-da99-11e3-aa2a-00238be6d5f7} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1391763618&from=smt&uid=ST500LT012-1DG142_S3P1KVBGXXXXS3P1KVBG&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1391763618&from=smt&uid=ST500LT012-1DG142_S3P1KVBGXXXXS3P1KVBG&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391763618&from=smt&uid=ST500LT012-1DG142_S3P1KVBGXXXXS3P1KVBG&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391763618&from=smt&uid=ST500LT012-1DG142_S3P1KVBGXXXXS3P1KVBG&q={searchTerms}
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.autosport.at/
URLSearchHook: HKLM-x32 - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
URLSearchHook: HKLM-x32 - SiteFinder - {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files (x86)\SiteFinder\SiteFinder.dll (Site Finder)
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - SiteFinder - {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files (x86)\SiteFinder\SiteFinder.dll (Site Finder)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C03FF709-A07B-4859-8911-F71D0D84E441}: [NameServer] 213.162.69.170 213.162.69.2

FireFox:
========
FF ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\7qzxmebu.default
FF SelectedSearchEngine: Trovi search
FF Homepage: hxxp://www.autosport.at/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF user.js: detected! => C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\7qzxmebu.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\7qzxmebu.default\searchplugins\trovi-search.xml
FF Extension: Firebug - C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\7qzxmebu.default\Extensions\firebug@software.joehewitt.com.xpi [2014-02-01]
FF Extension: Deutsch (DE) Language Pack - C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\7qzxmebu.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2014-02-16]
FF Extension: PageRank - C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\7qzxmebu.default\Extensions\PageRank@addonfactory.in.xpi [2014-02-01]

Chrome: 
=======
CHR Profile: C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-26]
CHR Extension: (Google Docs) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-26]
CHR Extension: (Google Drive) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-26]
CHR Extension: (YouTube) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-26]
CHR Extension: (Google-Suche) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-26]
CHR Extension: (Google Tabellen) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-26]
CHR Extension: (Google Wallet) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-26]
CHR Extension: (Google Mail) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
S2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-03-07] ()
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 Internet Enhancer Service; C:\Program Files (x86)\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancerService.exe [312320 2014-12-30] () [File not signed]
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-02-05] () [File not signed]
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1069248 2014-02-06] () [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Update RightSurf; "C:\Program Files (x86)\RightSurf\updateRightSurf.exe" [X]
S2 Util RightSurf; "C:\Program Files (x86)\RightSurf\bin\utilRightSurf.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [241152 2012-12-03] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-01 19:45 - 2015-02-01 19:46 - 00018431 _____ () C:\Users\Dirk\Desktop\FRST.txt
2015-02-01 19:44 - 2015-02-01 19:45 - 00000000 ____D () C:\FRST
2015-02-01 19:44 - 2015-02-01 19:44 - 02131456 _____ (Farbar) C:\Users\Dirk\Desktop\FRST64.exe
2015-02-01 19:42 - 2015-02-01 19:42 - 00000470 _____ () C:\Users\Dirk\Desktop\defogger_disable.log
2015-02-01 19:42 - 2015-02-01 19:42 - 00000000 _____ () C:\Users\Dirk\defogger_reenable
2015-02-01 19:41 - 2015-02-01 19:41 - 00050477 _____ () C:\Users\Dirk\Desktop\Defogger.exe
2015-02-01 19:41 - 2015-02-01 19:41 - 00000000 ____D () C:\Problem-Software
2015-01-31 15:52 - 2015-01-31 15:52 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-31 15:52 - 2015-01-31 15:52 - 00000000 ____D () C:\ProgramData\Licenses
2015-01-31 15:47 - 2015-01-31 15:47 - 00000000 ____D () C:\Users\Dirk\Documents\Simply Super Software
2015-01-31 15:47 - 2015-01-31 15:47 - 00000000 ____D () C:\Users\Dirk\AppData\Roaming\Simply Super Software
2015-01-31 15:47 - 2015-01-31 15:47 - 00000000 ____D () C:\ProgramData\Simply Super Software
2015-01-31 15:47 - 2015-01-31 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2015-01-31 15:47 - 2015-01-31 15:47 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2015-01-31 15:46 - 2015-01-31 15:46 - 31390952 _____ (Simply Super Software ) C:\Users\Dirk\Downloads\trjsetup691.exe
2015-01-27 08:09 - 2015-01-27 08:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 09:31 - 2015-01-27 08:00 - 00002145 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-26 09:31 - 2015-01-26 09:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-26 09:30 - 2015-02-01 19:35 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-26 09:30 - 2015-02-01 11:09 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-26 09:30 - 2015-01-26 09:31 - 00000000 ____D () C:\Users\Dirk\AppData\Local\Google
2015-01-26 09:30 - 2015-01-26 09:31 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-26 09:30 - 2015-01-26 09:30 - 00880784 _____ (Google Inc.) C:\Program Files\ChromeSetup.exe
2015-01-26 09:30 - 2015-01-26 09:30 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-26 09:30 - 2015-01-26 09:30 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-17 13:13 - 2015-01-17 13:14 - 06381120 _____ (Tim Kosse) C:\Users\Dirk\Downloads\FileZilla_3.10.0.2_win32-setup.exe
2015-01-15 08:32 - 2015-01-15 16:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-01-14 07:38 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 07:38 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 07:38 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 07:38 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 07:38 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 07:38 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 07:38 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 07:38 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 07:38 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 07:38 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 07:38 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 07:38 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 07:38 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 08:52 - 2015-01-13 08:52 - 00000971 _____ () C:\Users\Dirk\Desktop\Zahlungen - Verknüpfung.lnk
2015-01-12 20:18 - 2015-01-12 20:18 - 00000000 ____D () C:\Windows\Sun
2015-01-02 08:51 - 2015-01-02 08:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-01-02 08:49 - 2015-01-02 08:49 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-01-02 08:49 - 2015-01-02 08:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-01 19:42 - 2014-01-30 21:59 - 00000000 ____D () C:\Users\Dirk
2015-02-01 19:30 - 2014-01-30 21:53 - 01989027 _____ () C:\Windows\WindowsUpdate.log
2015-02-01 19:16 - 2014-02-10 20:16 - 00000284 _____ () C:\Windows\Tasks\FoxTab.job
2015-02-01 19:06 - 2014-02-12 09:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-01 17:37 - 2009-07-14 05:45 - 00036752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-01 17:37 - 2009-07-14 05:45 - 00036752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-01 12:38 - 2014-02-06 13:14 - 00000600 _____ () C:\Users\Dirk\AppData\Roaming\winscp.rnd
2015-02-01 11:40 - 2014-01-31 19:51 - 00001456 _____ () C:\Users\Dirk\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-02-01 00:24 - 2014-01-31 20:58 - 00000000 ____D () C:\Program Files (x86)\RenWiz
2015-02-01 00:13 - 2014-07-09 19:20 - 00000400 _____ () C:\Windows\Tasks\FreeFileViewerUpdateChecker.job
2015-02-01 00:13 - 2011-04-12 08:43 - 00698926 _____ () C:\Windows\system32\perfh007.dat
2015-02-01 00:13 - 2011-04-12 08:43 - 00149034 _____ () C:\Windows\system32\perfc007.dat
2015-02-01 00:13 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-01 00:10 - 2014-02-10 20:16 - 00000000 ____D () C:\Program Files (x86)\File Type Assistant
2015-01-27 22:00 - 2014-01-31 17:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-27 19:50 - 2014-12-31 12:57 - 00000000 ____D () C:\Users\Dirk\AppData\Roaming\InetStat
2015-01-25 22:23 - 2014-02-12 09:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-25 22:23 - 2014-01-31 20:21 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-25 22:23 - 2014-01-31 20:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-23 18:18 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-23 18:18 - 2009-07-14 05:51 - 00084467 _____ () C:\Windows\setupact.log
2015-01-22 14:25 - 2014-01-31 20:44 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2015-01-22 11:58 - 2010-11-21 04:47 - 00130146 _____ () C:\Windows\PFRO.log
2015-01-17 18:09 - 2014-02-09 14:21 - 00000000 ____D () C:\Users\Dirk\AppData\Roaming\FileZilla
2015-01-17 13:14 - 2014-01-31 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-01-14 17:29 - 2014-01-30 22:28 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 17:24 - 2014-01-30 22:28 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-05 14:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-02 20:50 - 2014-12-23 10:54 - 00018388 _____ () C:\Users\Dirk\Desktop\Domain - alte neue Adressen.xlsx

==================== Files in the root of some directories =======

2015-01-26 09:30 - 2015-01-26 09:30 - 0880784 _____ (Google Inc.) C:\Program Files\ChromeSetup.exe
2014-09-18 09:01 - 2014-09-18 09:01 - 0000132 _____ () C:\Users\Dirk\AppData\Roaming\Adobe GIF Format CS6 Prefs
2014-11-09 10:57 - 2014-12-21 19:03 - 0000132 _____ () C:\Users\Dirk\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-02-07 10:01 - 2014-02-07 10:06 - 0033757 _____ () C:\Users\Dirk\AppData\Roaming\LiveSupport.exe_log.txt
2014-02-07 10:01 - 2014-02-07 10:06 - 0000092 _____ () C:\Users\Dirk\AppData\Roaming\regsvr32.exe_log.txt
2014-02-10 20:16 - 2014-07-19 04:52 - 0000138 _____ () C:\Users\Dirk\AppData\Roaming\WB.CFG
2014-02-06 13:14 - 2015-02-01 12:38 - 0000600 _____ () C:\Users\Dirk\AppData\Roaming\winscp.rnd
2014-01-31 19:51 - 2015-02-01 11:40 - 0001456 _____ () C:\Users\Dirk\AppData\Local\Adobe Save for Web 13.0 Prefs

Some content of TEMP:
====================
C:\Users\Dirk\AppData\Local\Temp\avgnt.exe
C:\Users\Dirk\AppData\Local\Temp\FirefoxUpdateSetup.exe
C:\Users\Dirk\AppData\Local\Temp\MozillaThunderbirdUpdateSetup.exe
C:\Users\Dirk\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Dirk\AppData\Local\Temp\WinSCPUpdateSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-15 21:10

==================== End Of Log ============================
         
----
----
Addition.txt:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by Dirk at 2015-02-01 19:46:48
Running from C:\Users\Dirk\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.4.1.351 - Adobe Systems Incorporated)
Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Aff Packages (HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\Aff Packages) (Version:  - ) <==== ATTENTION
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Astalavista (HKLM-x32\...\Astalavista_is1) (Version:  - Tangysoft Ltd.)
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
CoffeeCup HTML Editor (HKLM-x32\...\CoffeeCup HTML Editor) (Version:  - )
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 31.1.2.0 - COMODO)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Dir-It! (HKLM-x32\...\{E3ED49BB-0544-4844-B296-6A0CB28E7BE3}) (Version: 4.02.0000 - Wirth IT Design)
Dropbox (HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
File Type Assistant (HKLM-x32\...\Trusted Software Assistant_is1) (Version: 2014.5.6.0 - ) <==== ATTENTION
FileZilla Client 3.10.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.0.2 - Tim Kosse)
FormatFactory 3.1.1 (HKLM-x32\...\FormatFactory) (Version: 3.1.1 - Free Time)
Fotosizer 2.09 (HKLM-x32\...\Fotosizer) (Version: 2.09.0.548 - Fotosizer.com)
Foxtab (HKLM-x32\...\foxtab) (Version:  - FoxTab) <==== ATTENTION!
Free File Viewer 2014 (HKLM-x32\...\FreeFileViewer_is1) (Version: 2014.2.16.0 - Bitberry Software) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
InetStat (HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\InetStat) (Version: 0.5b - InetStat) <==== ATTENTION!
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.74.55 - Huawei Technologies Co.,Ltd)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
KMSpico v9.2.1 Beta (HKLM\...\KMSpico_is1) (Version: 9.2.1 Beta - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 en-US)) (Version: 31.4.0 - Mozilla)
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
RenWiz (HKLM-x32\...\RenWiz) (Version:  - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SiteFinder (HKLM-x32\...\SiteFinder) (Version: 1.0.0.0 - SiteFinder) <==== ATTENTION!
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SopCast 3.8.3 (HKLM-x32\...\SopCast) (Version: 3.8.3 - www.sopcast.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51 beta 2 - Ghisler Software GmbH)
Trojan Remover 6.9.1 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1 - Simply Super Software)
Wajam (HKLM-x32\...\WaInterEnhance) (Version: 2.21.2.27 (i2.6) - WaInterEnhance) <==== ATTENTION
WinRAR 5.10 beta 4 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
WinSCP 5.5.1 (HKLM-x32\...\winscp3_is1) (Version: 5.5.1 - Martin Prikryl)
WinX Free VOB to MP4 Converter 2.0.8 (HKLM-x32\...\WinX Free VOB to MP4 Converter_is1) (Version:  - Digiarty Software,Inc.)
XAMPP (HKLM-x32\...\xampp) (Version: 5.5.19-0 - Bitnami)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2636347820-3807825714-3230885982-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2636347820-3807825714-3230885982-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2636347820-3807825714-3230885982-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2636347820-3807825714-3230885982-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2636347820-3807825714-3230885982-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2636347820-3807825714-3230885982-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2636347820-3807825714-3230885982-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2636347820-3807825714-3230885982-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2636347820-3807825714-3230885982-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

02-01-2015 08:47:32 Windows Update
10-01-2015 20:04:36 Geplanter Prüfpunkt
14-01-2015 17:23:52 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {09BBD4E6-109A-4FA4-913D-ADC818E09E51} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-02-06] ()
Task: {1F380982-EFF2-484C-AA6F-8D878A762308} - System32\Tasks\ProgramUpdateCheck => C:\Program Files (x86)\File Type Assistant\TSAssist.exe [2014-03-25] (Trusted Software ApS) <==== ATTENTION
Task: {2DA51495-F6AA-4492-82DC-A707F8CEBE16} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated)
Task: {34743A0B-2835-4136-8BE5-23D5D5BCED6B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {38B23841-6FBA-400F-92D8-5EB7151A7761} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {407D16EC-A881-4078-A81B-1155EF0EC411} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-26] (Google Inc.)
Task: {468C148B-2A09-4D18-8F69-23DF929387EC} - System32\Tasks\FoxTab => C:\Users\Dirk\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {5E3A168B-1B44-40D4-B45F-37031B307BE7} - System32\Tasks\ProgramRefresh-ATFST => C:\Program Files (x86)\File Type Assistant\tsasetup.exe [2014-05-12] (                                                            ) <==== ATTENTION
Task: {7076039A-89BB-4C75-9A5B-96DA1009C2FC} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {77A34205-B5A1-41BF-BBF9-8155CFED088E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {A072A749-E658-45B4-A6F2-899D936A521B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-26] (Google Inc.)
Task: {B8FFD1D8-C229-4290-9A6F-B0AC99248C76} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {EF424FFF-4607-4D35-8AB2-725EB1DC84C1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {FAFB8D22-ECBC-420D-B847-DAAD9E714010} - System32\Tasks\FreeFileViewerUpdateChecker => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe [2013-03-25] (Bitberry Software) <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FoxTab.job => C:\Users\Dirk\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-05-14 11:06 - 2013-02-05 08:24 - 00671744 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2014-02-11 03:21 - 2014-02-11 03:21 - 00644464 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-12-08 11:10 - 2014-12-08 11:10 - 00102176 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-05-14 11:08 - 2013-02-05 08:25 - 01541120 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe
2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 19:58 - 2014-02-12 19:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-14 11:06 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2014-05-14 11:06 - 2009-06-22 19:42 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2014-05-14 11:06 - 2012-10-31 10:11 - 02417152 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2014-05-14 11:06 - 2012-10-31 10:14 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-05-14 11:06 - 2012-10-31 10:33 - 09562624 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtGui4.dll
2014-05-14 11:08 - 2012-10-31 12:14 - 00082944 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\plugins\imageformats\qgif4.dll
2014-05-14 11:08 - 2012-10-31 12:16 - 00081920 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\plugins\imageformats\qico4.dll
2015-01-27 08:09 - 2015-01-27 08:10 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-01-16 16:34 - 2015-01-16 16:34 - 00039200 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2015-01-15 08:32 - 2015-01-15 08:32 - 03347056 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2015-01-15 08:32 - 2015-01-15 08:32 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-01-15 08:32 - 2015-01-15 08:32 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2636347820-3807825714-3230885982-500 - Administrator - Disabled)
Dirk (S-1-5-21-2636347820-3807825714-3230885982-1000 - Administrator - Enabled) => C:\Users\Dirk
Gast (S-1-5-21-2636347820-3807825714-3230885982-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2636347820-3807825714-3230885982-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/01/2015 06:50:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: inetstat.exe, Version: 0.0.0.0, Zeitstempel: 0x54b800bc
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002fb8c
ID des fehlerhaften Prozesses: 0x2814
Startzeit der fehlerhaften Anwendung: 0xinetstat.exe0
Pfad der fehlerhaften Anwendung: inetstat.exe1
Pfad des fehlerhaften Moduls: inetstat.exe2
Berichtskennung: inetstat.exe3

Error: (02/01/2015 04:06:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11384719

Error: (02/01/2015 04:06:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11384719

Error: (02/01/2015 04:06:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/01/2015 04:06:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11383689

Error: (02/01/2015 04:06:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11383689

Error: (02/01/2015 04:06:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/01/2015 04:06:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11382675

Error: (02/01/2015 04:06:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11382675

Error: (02/01/2015 04:06:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (02/01/2015 04:05:39 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (02/01/2015 11:03:23 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (02/01/2015 07:04:28 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (02/01/2015 00:10:02 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (01/31/2015 08:50:45 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (01/30/2015 08:29:02 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (01/30/2015 08:29:00 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht.

Error: (01/30/2015 04:34:12 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (01/30/2015 04:34:09 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AntiVirSchedulerService erreicht.

Error: (01/29/2015 09:51:13 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active


Microsoft Office Sessions:
=========================
Error: (02/01/2015 06:50:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: inetstat.exe0.0.0.054b800bcntdll.dll6.1.7601.18247521ea8e7c00000050002fb8c281401d03a616c432dabC:\Users\Dirk\AppData\Roaming\InetStat\inetstat.exeC:\Windows\SysWOW64\ntdll.dllc8d308f5-aa3a-11e4-9589-00238be6d5f7

Error: (02/01/2015 04:06:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11384719

Error: (02/01/2015 04:06:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11384719

Error: (02/01/2015 04:06:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/01/2015 04:06:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11383689

Error: (02/01/2015 04:06:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11383689

Error: (02/01/2015 04:06:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/01/2015 04:06:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11382675

Error: (02/01/2015 04:06:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11382675

Error: (02/01/2015 04:06:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz
Percentage of memory in use: 59%
Total physical RAM: 4093.2 MB
Available physical RAM: 1676.47 MB
Total Pagefile: 8184.57 MB
Available Pagefile: 5142.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Basis-Dirk) (Fixed) (Total:195.21 GB) (Free:130.21 GB) NTFS
Drive d: (Daten-Dirk) (Fixed) (Total:270.45 GB) (Free:230.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D25E215D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=270.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
----
----
GMER.txt:
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-02-02 10:23:08
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST500LT012-1DG142 rev.0001SDM1 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Dirk\AppData\Local\Temp\pgtdapow.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 448                                                                                                                       fffff800031b7000 63 bytes [43, 4D, 33, 31, 05, 00, 00, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 513                                                                                                                       fffff800031b7041 12 bytes [90, D5, 0C, A0, F8, FF, FF, ...]

---- Threads - GMER 2.1 ----

Thread    C:\Windows\Explorer.EXE [2336:5100]                                                                                                                                                      0000000010a07b20
Thread    C:\Windows\Explorer.EXE [2336:10036]                                                                                                                                                     0000000010a281a0
Thread    C:\Windows\Explorer.EXE [2336:12052]                                                                                                                                                     0000000011eb7b20
Thread    C:\Windows\Explorer.EXE [2336:9484]                                                                                                                                                      0000000011ed81a0
---- Processes - GMER 2.1 ----

Process   C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe [1224](2014-05-14 10:06:28)                             0000000000400000
Library   C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe [1224](2014-05-14 10:06:28)                        000000006fbc0000
Library   C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe [1224](2014-05-14 10:06:28)                  000000006e940000
Library   C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe [1224](2014-05-14 10:06:28)                         000000006a1c0000
Library   C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe [1224](2014-05-14 10:06:28)                      000000006ff00000
Process   C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe [5704](2014-05-14 10:08:52)                     0000000000400000
Library   C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe [5704](2014-05-14 10:06:28)                    000000006fbc0000
Library   C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe [5704](2014-05-14 10:06:28)              000000006e940000
Library   C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe [5704](2014-05-14 10:06:28)                     000000006a1c0000
Library   C:\ProgramData\Internet Manager\OnlineUpdate\QtGui4.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe [5704](2014-05-14 10:06:28)                      0000000065100000
Library   C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe [5704](2014-05-14 10:06:28)                  000000006ff00000
Library   C:\ProgramData\Internet Manager\OnlineUpdate\plugins\imageformats\qgif4.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe [5704](2014-05-14 10:08:52)  0000000068f00000
Library   C:\ProgramData\Internet Manager\OnlineUpdate\plugins\imageformats\qico4.dll (*** suspicious ***) @ C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe [5704](2014-05-14 10:08:52)  000000006bdc0000

---- EOF - GMER 2.1 ----
         
Vorab schon einmal vielen Dank für die Hilfe !!!

Alt 02.02.2015, 10:28   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser - Standard

Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser



hi,

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Aff Packages

    File Type Assistant

    Foxtab

    Free File Viewer 2014

    InetStat

    SiteFinder

    Wajam


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 02.02.2015, 12:17   #3
formelphotos
 
Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser - Standard

Virenscanner aus ?



Hallo
Soll ich während der gesamten Vorgänge die Internetverbindung trennen und Alvira-Schutz deaktivieren ?

Hier der Mbar-Log:
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.08.3.1004
www.malwarebytes.org

Database version:
  main:    v2015.02.02.02
  rootkit: v2015.01.14.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Dirk :: DIRK-PC [administrator]

02.02.2015 12:30:53
mbar-log-2015-02-02 (12-30-53).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 339097
Time elapsed: 19 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
----
Und hier der TDSS-Killer.log:
Code:
ATTFilter
13:09:18.0561 0x42f4  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
13:09:27.0220 0x42f4  ============================================================
13:09:27.0220 0x42f4  Current date / time: 2015/02/02 13:09:27.0220
13:09:27.0220 0x42f4  SystemInfo:
13:09:27.0220 0x42f4  
13:09:27.0220 0x42f4  OS Version: 6.1.7601 ServicePack: 1.0
13:09:27.0220 0x42f4  Product type: Workstation
13:09:27.0220 0x42f4  ComputerName: DIRK-PC
13:09:27.0221 0x42f4  UserName: Dirk
13:09:27.0221 0x42f4  Windows directory: C:\Windows
13:09:27.0221 0x42f4  System windows directory: C:\Windows
13:09:27.0221 0x42f4  Running under WOW64
13:09:27.0221 0x42f4  Processor architecture: Intel x64
13:09:27.0221 0x42f4  Number of processors: 2
13:09:27.0221 0x42f4  Page size: 0x1000
13:09:27.0221 0x42f4  Boot type: Normal boot
13:09:27.0221 0x42f4  ============================================================
13:09:29.0526 0x42f4  KLMD registered as C:\Windows\system32\drivers\56646749.sys
13:09:29.0827 0x42f4  System UUID: {AD9A45AA-41BE-88E7-9F72-A5C7514600F3}
13:09:30.0508 0x42f4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:09:30.0531 0x42f4  ============================================================
13:09:30.0531 0x42f4  \Device\Harddisk0\DR0:
13:09:30.0532 0x42f4  MBR partitions:
13:09:30.0532 0x42f4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:09:30.0532 0x42f4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1866D800
13:09:30.0532 0x42f4  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x186A0000, BlocksNum 0x21CE5800
13:09:30.0532 0x42f4  ============================================================
13:09:30.0584 0x42f4  C: <-> \Device\Harddisk0\DR0\Partition2
13:09:30.0631 0x42f4  D: <-> \Device\Harddisk0\DR0\Partition3
13:09:30.0631 0x42f4  ============================================================
13:09:30.0631 0x42f4  Initialize success
13:09:30.0631 0x42f4  ============================================================
13:10:37.0642 0x0cfc  ============================================================
13:10:37.0642 0x0cfc  Scan started
13:10:37.0642 0x0cfc  Mode: Manual; SigCheck; TDLFS; 
13:10:37.0642 0x0cfc  ============================================================
13:10:37.0642 0x0cfc  KSN ping started
13:10:51.0448 0x0cfc  KSN ping finished: true
13:10:52.0540 0x0cfc  ================ Scan system memory ========================
13:10:52.0540 0x0cfc  System memory - ok
13:10:52.0540 0x0cfc  ================ Scan services =============================
13:10:52.0681 0x0cfc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
13:10:52.0821 0x0cfc  1394ohci - ok
13:10:52.0852 0x0cfc  [ 5C368F4B04ED2A923E6AFCA2D37BAFF5, C3CC58D636B18DF77C4C4B384AD1DE78418716A0606E564DBC63782D5EA02905 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
13:10:52.0883 0x0cfc  Accelerometer - ok
13:10:52.0930 0x0cfc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:10:52.0961 0x0cfc  ACPI - ok
13:10:52.0993 0x0cfc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:10:53.0071 0x0cfc  AcpiPmi - ok
13:10:53.0180 0x0cfc  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:10:53.0211 0x0cfc  AdobeARMservice - ok
13:10:53.0320 0x0cfc  [ A2A9C100FE1BE20A76C0B80D4CA44103, C34B4A31C8563E29EC6A3D318C40075F43C891C23D156F53EE2102C959B7887F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:10:53.0351 0x0cfc  AdobeFlashPlayerUpdateSvc - ok
13:10:53.0414 0x0cfc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:10:53.0461 0x0cfc  adp94xx - ok
13:10:53.0523 0x0cfc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:10:53.0570 0x0cfc  adpahci - ok
13:10:53.0601 0x0cfc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:10:53.0632 0x0cfc  adpu320 - ok
13:10:53.0663 0x0cfc  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:10:53.0788 0x0cfc  AeLookupSvc - ok
13:10:53.0897 0x0cfc  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
13:10:53.0960 0x0cfc  AESTFilters - ok
13:10:54.0022 0x0cfc  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
13:10:54.0116 0x0cfc  AFD - ok
13:10:54.0147 0x0cfc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
13:10:54.0163 0x0cfc  agp440 - ok
13:10:54.0194 0x0cfc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
13:10:54.0272 0x0cfc  ALG - ok
13:10:54.0303 0x0cfc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:10:54.0319 0x0cfc  aliide - ok
13:10:54.0365 0x0cfc  [ D696F317BD465A602566F8E1DCCE15F7, 6CE77CD4221C0854986F760D1944DF9F4255192D99630D43A0527A6D58D83406 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:10:54.0443 0x0cfc  AMD External Events Utility - ok
13:10:54.0459 0x0cfc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
13:10:54.0475 0x0cfc  amdide - ok
13:10:54.0506 0x0cfc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
13:10:54.0568 0x0cfc  AmdK8 - ok
13:10:54.0584 0x0cfc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
13:10:54.0615 0x0cfc  AmdPPM - ok
13:10:54.0662 0x0cfc  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:10:54.0677 0x0cfc  amdsata - ok
13:10:54.0724 0x0cfc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
13:10:54.0755 0x0cfc  amdsbs - ok
13:10:54.0771 0x0cfc  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:10:54.0802 0x0cfc  amdxata - ok
13:10:54.0865 0x0cfc  [ C2700D35AA42311A32DF7EA09630B401, 35B305916DB91EBC86CA70AF23140684F57CF527A0ADE099A79610335C61E861 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
13:10:54.0911 0x0cfc  AntiVirSchedulerService - ok
13:10:54.0958 0x0cfc  [ C2700D35AA42311A32DF7EA09630B401, 35B305916DB91EBC86CA70AF23140684F57CF527A0ADE099A79610335C61E861 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
13:10:54.0989 0x0cfc  AntiVirService - ok
13:10:55.0052 0x0cfc  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
13:10:55.0223 0x0cfc  AppID - ok
13:10:55.0239 0x0cfc  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:10:55.0333 0x0cfc  AppIDSvc - ok
13:10:55.0364 0x0cfc  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
13:10:55.0504 0x0cfc  Appinfo - ok
13:10:55.0691 0x0cfc  [ 608D6A90E989C6522F170E5526A64BF4, 36EDD07DF6BD2D20121F63CF720C289FCCF7C53574D37F99C2F9ED68298D655B ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:10:55.0707 0x0cfc  Apple Mobile Device - ok
13:10:55.0769 0x0cfc  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
13:10:55.0832 0x0cfc  AppMgmt - ok
13:10:55.0847 0x0cfc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
13:10:55.0879 0x0cfc  arc - ok
13:10:55.0910 0x0cfc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:10:55.0941 0x0cfc  arcsas - ok
13:10:56.0035 0x0cfc  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:10:56.0066 0x0cfc  aspnet_state - ok
13:10:56.0097 0x0cfc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:10:56.0175 0x0cfc  AsyncMac - ok
13:10:56.0206 0x0cfc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
13:10:56.0237 0x0cfc  atapi - ok
13:10:56.0549 0x0cfc  [ 52BD95CAA9CAE8977FE043E9AD6D2D0E, E96DD29A2FCE1403340CB29D34F657DF17F483F62A2E8E24890F9BC4812B2971 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:10:57.0111 0x0cfc  atikmdag - ok
13:10:57.0205 0x0cfc  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:10:57.0298 0x0cfc  AudioEndpointBuilder - ok
13:10:57.0329 0x0cfc  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:10:57.0392 0x0cfc  AudioSrv - ok
13:10:57.0485 0x0cfc  [ 1B87A1F2FA5B91AC1A7D171B8D952441, 4CB21F6567021DAE6B2E35B9BA84D015580E2DDFEBEB1AA9637BD93F42883DD2 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
13:10:57.0501 0x0cfc  avgntflt - ok
13:10:57.0579 0x0cfc  [ AF61774060F277FE45CBD3A9A8E7D45A, 2F96DC9735BAF017603D72A258BF7A772BF8C4AFECB5AA0CAD8F8E3CCAA0F2B5 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
13:10:57.0595 0x0cfc  avipbb - ok
13:10:57.0704 0x0cfc  [ 6F77BBB8FC69D26132309EB4CE7A4E0E, 39E1E20F7CE6B2A784765BB1BE3AC539EDD2889880F78D14C340129E9DB7A43E ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
13:10:57.0719 0x0cfc  Avira.OE.ServiceHost - ok
13:10:57.0766 0x0cfc  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
13:10:57.0797 0x0cfc  avkmgr - ok
13:10:57.0860 0x0cfc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:10:57.0969 0x0cfc  AxInstSV - ok
13:10:58.0016 0x0cfc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
13:10:58.0094 0x0cfc  b06bdrv - ok
13:10:58.0141 0x0cfc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:10:58.0203 0x0cfc  b57nd60a - ok
13:10:58.0375 0x0cfc  [ FB4FDA64F2E8552EAEB5986C3F34462C, EFC81E1227339FC721B926633BE15B5476A161452D6D054455F4B1FE87D9B891 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
13:10:58.0515 0x0cfc  BCM43XX - ok
13:10:58.0562 0x0cfc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:10:58.0609 0x0cfc  BDESVC - ok
13:10:58.0640 0x0cfc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:10:58.0733 0x0cfc  Beep - ok
13:10:58.0765 0x0cfc  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
13:10:58.0858 0x0cfc  BFE - ok
13:10:58.0921 0x0cfc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
13:10:59.0045 0x0cfc  BITS - ok
13:10:59.0092 0x0cfc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:10:59.0139 0x0cfc  blbdrive - ok
13:10:59.0201 0x0cfc  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:10:59.0233 0x0cfc  Bonjour Service - ok
13:10:59.0279 0x0cfc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:10:59.0326 0x0cfc  bowser - ok
13:10:59.0357 0x0cfc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
13:10:59.0389 0x0cfc  BrFiltLo - ok
13:10:59.0404 0x0cfc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
13:10:59.0435 0x0cfc  BrFiltUp - ok
13:10:59.0467 0x0cfc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
13:10:59.0513 0x0cfc  Browser - ok
13:10:59.0545 0x0cfc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:10:59.0607 0x0cfc  Brserid - ok
13:10:59.0623 0x0cfc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:10:59.0669 0x0cfc  BrSerWdm - ok
13:10:59.0685 0x0cfc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:10:59.0716 0x0cfc  BrUsbMdm - ok
13:10:59.0732 0x0cfc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:10:59.0763 0x0cfc  BrUsbSer - ok
13:10:59.0779 0x0cfc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:10:59.0810 0x0cfc  BTHMODEM - ok
13:10:59.0857 0x0cfc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
13:10:59.0935 0x0cfc  bthserv - ok
13:10:59.0981 0x0cfc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:11:00.0059 0x0cfc  cdfs - ok
13:11:00.0122 0x0cfc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:11:00.0169 0x0cfc  cdrom - ok
13:11:00.0200 0x0cfc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:11:00.0262 0x0cfc  CertPropSvc - ok
13:11:00.0293 0x0cfc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
13:11:00.0340 0x0cfc  circlass - ok
13:11:00.0371 0x0cfc  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
13:11:00.0403 0x0cfc  CLFS - ok
13:11:00.0481 0x0cfc  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:11:00.0512 0x0cfc  clr_optimization_v2.0.50727_32 - ok
13:11:00.0559 0x0cfc  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:11:00.0574 0x0cfc  clr_optimization_v2.0.50727_64 - ok
13:11:00.0652 0x0cfc  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:11:00.0683 0x0cfc  clr_optimization_v4.0.30319_32 - ok
13:11:00.0699 0x0cfc  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:11:00.0730 0x0cfc  clr_optimization_v4.0.30319_64 - ok
13:11:00.0777 0x0cfc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:11:00.0808 0x0cfc  CmBatt - ok
13:11:00.0824 0x0cfc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:11:00.0839 0x0cfc  cmdide - ok
13:11:00.0917 0x0cfc  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
13:11:00.0980 0x0cfc  CNG - ok
13:11:01.0011 0x0cfc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
13:11:01.0042 0x0cfc  Compbatt - ok
13:11:01.0058 0x0cfc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
13:11:01.0120 0x0cfc  CompositeBus - ok
13:11:01.0136 0x0cfc  COMSysApp - ok
13:11:01.0151 0x0cfc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:11:01.0183 0x0cfc  crcdisk - ok
13:11:01.0214 0x0cfc  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:11:01.0261 0x0cfc  CryptSvc - ok
13:11:01.0307 0x0cfc  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
13:11:01.0370 0x0cfc  CSC - ok
13:11:01.0417 0x0cfc  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
13:11:01.0495 0x0cfc  CscService - ok
13:11:01.0573 0x0cfc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:11:01.0682 0x0cfc  DcomLaunch - ok
13:11:01.0729 0x0cfc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
13:11:01.0822 0x0cfc  defragsvc - ok
13:11:01.0838 0x0cfc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:11:01.0931 0x0cfc  DfsC - ok
13:11:01.0978 0x0cfc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:11:02.0041 0x0cfc  Dhcp - ok
13:11:02.0056 0x0cfc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
13:11:02.0134 0x0cfc  discache - ok
13:11:02.0181 0x0cfc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
13:11:02.0197 0x0cfc  Disk - ok
13:11:02.0228 0x0cfc  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
13:11:02.0275 0x0cfc  dmvsc - ok
13:11:02.0321 0x0cfc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:11:02.0384 0x0cfc  Dnscache - ok
13:11:02.0446 0x0cfc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:11:02.0524 0x0cfc  dot3svc - ok
13:11:02.0555 0x0cfc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
13:11:02.0649 0x0cfc  DPS - ok
13:11:02.0805 0x0cfc  [ 08EE57B20D4508B24A7E3619F10F5FD3, 2506E2D0429B44D4A0F0781BC9D2C631CE809634080FFA0612F03FE6391F61C4 ] DragonUpdater   C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
13:11:02.0930 0x0cfc  DragonUpdater - ok
13:11:02.0977 0x0cfc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:11:03.0023 0x0cfc  drmkaud - ok
13:11:03.0117 0x0cfc  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:11:03.0179 0x0cfc  DXGKrnl - ok
13:11:03.0242 0x0cfc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
13:11:03.0320 0x0cfc  EapHost - ok
13:11:03.0507 0x0cfc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
13:11:03.0741 0x0cfc  ebdrv - ok
13:11:03.0803 0x0cfc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
13:11:03.0850 0x0cfc  EFS - ok
13:11:03.0944 0x0cfc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:11:04.0037 0x0cfc  ehRecvr - ok
13:11:04.0053 0x0cfc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
13:11:04.0084 0x0cfc  ehSched - ok
13:11:04.0147 0x0cfc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:11:04.0193 0x0cfc  elxstor - ok
13:11:04.0209 0x0cfc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:11:04.0240 0x0cfc  ErrDev - ok
13:11:04.0303 0x0cfc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
13:11:04.0396 0x0cfc  EventSystem - ok
13:11:04.0443 0x0cfc  [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev     C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
13:11:04.0505 0x0cfc  ew_hwusbdev - ok
13:11:04.0537 0x0cfc  [ FF82FE59664304F75FC56EC0E92796F0, 943DF1D66BAC8EDDF45E77E2E17136ADBD2A5378BBFA93D2C78C16FEC5A7F14F ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
13:11:04.0599 0x0cfc  ew_usbenumfilter - ok
13:11:04.0630 0x0cfc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:11:04.0693 0x0cfc  exfat - ok
13:11:04.0739 0x0cfc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:11:04.0817 0x0cfc  fastfat - ok
13:11:04.0880 0x0cfc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
13:11:04.0973 0x0cfc  Fax - ok
13:11:05.0005 0x0cfc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
13:11:05.0036 0x0cfc  fdc - ok
13:11:05.0067 0x0cfc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
13:11:05.0161 0x0cfc  fdPHost - ok
13:11:05.0176 0x0cfc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:11:05.0254 0x0cfc  FDResPub - ok
13:11:05.0285 0x0cfc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:11:05.0301 0x0cfc  FileInfo - ok
13:11:05.0332 0x0cfc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:11:05.0410 0x0cfc  Filetrace - ok
13:11:05.0426 0x0cfc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
13:11:05.0441 0x0cfc  flpydisk - ok
13:11:05.0488 0x0cfc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:11:05.0519 0x0cfc  FltMgr - ok
13:11:05.0613 0x0cfc  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
13:11:05.0863 0x0cfc  FontCache - ok
13:11:05.0987 0x0cfc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:11:06.0003 0x0cfc  FontCache3.0.0.0 - ok
13:11:06.0034 0x0cfc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:11:06.0065 0x0cfc  FsDepends - ok
13:11:06.0081 0x0cfc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:11:06.0112 0x0cfc  Fs_Rec - ok
13:11:06.0143 0x0cfc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:11:06.0190 0x0cfc  fvevol - ok
13:11:06.0221 0x0cfc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:11:06.0237 0x0cfc  gagp30kx - ok
13:11:06.0284 0x0cfc  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:11:06.0299 0x0cfc  GEARAspiWDM - ok
13:11:06.0362 0x0cfc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:11:06.0471 0x0cfc  gpsvc - ok
13:11:06.0518 0x0cfc  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:11:06.0549 0x0cfc  gupdate - ok
13:11:06.0565 0x0cfc  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:11:06.0580 0x0cfc  gupdatem - ok
13:11:06.0611 0x0cfc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:11:06.0674 0x0cfc  hcw85cir - ok
13:11:06.0721 0x0cfc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:11:06.0877 0x0cfc  HdAudAddService - ok
13:11:06.0908 0x0cfc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:11:06.0955 0x0cfc  HDAudBus - ok
13:11:06.0970 0x0cfc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
13:11:07.0001 0x0cfc  HidBatt - ok
13:11:07.0017 0x0cfc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:11:07.0079 0x0cfc  HidBth - ok
13:11:07.0079 0x0cfc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:11:07.0111 0x0cfc  HidIr - ok
13:11:07.0142 0x0cfc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
13:11:07.0220 0x0cfc  hidserv - ok
13:11:07.0267 0x0cfc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:11:07.0329 0x0cfc  HidUsb - ok
13:11:07.0360 0x0cfc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:11:07.0454 0x0cfc  hkmsvc - ok
13:11:07.0469 0x0cfc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:11:07.0532 0x0cfc  HomeGroupListener - ok
13:11:07.0579 0x0cfc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:11:07.0641 0x0cfc  HomeGroupProvider - ok
13:11:07.0688 0x0cfc  [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
13:11:07.0703 0x0cfc  hpdskflt - ok
13:11:07.0735 0x0cfc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:11:07.0766 0x0cfc  HpSAMD - ok
13:11:07.0781 0x0cfc  [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv           C:\Windows\system32\Hpservice.exe
13:11:07.0797 0x0cfc  hpsrv - ok
13:11:07.0859 0x0cfc  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:11:07.0969 0x0cfc  HTTP - ok
13:11:08.0015 0x0cfc  [ 4205571B46BAF3A43D43A9804810DF9A, 65F971AD054810113EE5057E3B4FFF611BBE299671C8017E6E5B0F16FC4D58AE ] huawei_cdcacm   C:\Windows\system32\DRIVERS\ew_jucdcacm.sys
13:11:08.0062 0x0cfc  huawei_cdcacm - ok
13:11:08.0093 0x0cfc  [ F6C1661C55EAAD2DD9FBB37D5DF1A011, 8511A28F6FAECCBB86342B9490158C2E1031B6161DAD702D0DC2991366DB28DA ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
13:11:08.0140 0x0cfc  huawei_enumerator - ok
13:11:08.0171 0x0cfc  [ F7D991E5EA0433DBAEEE186CAD2BEBC9, D051ECAABFEBFCBBA548964DCCDD29DD996814AF4B01AE11B244584BD0FBD82B ] huawei_ext_ctrl C:\Windows\system32\DRIVERS\ew_juextctrl.sys
13:11:08.0218 0x0cfc  huawei_ext_ctrl - ok
13:11:08.0249 0x0cfc  [ 06D9644E6BD7AD1C18B78D4D4EE87586, CEA690D0E86993DE9E92118C1E545C2AA0498606A721382734B5B0FD5BBFA7C0 ] huawei_wwanecm  C:\Windows\system32\DRIVERS\ew_juwwanecm.sys
13:11:08.0296 0x0cfc  huawei_wwanecm - ok
13:11:08.0405 0x0cfc  [ E90DA42B87D684DEBFB73B38A718A006, BB18C63C1982F5CB99C9B65D2B801E8C1909AD7CD0171326DC0015D6B781B451 ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe
13:11:08.0437 0x0cfc  HWDeviceService64.exe - ok
13:11:08.0468 0x0cfc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:11:08.0483 0x0cfc  hwpolicy - ok
13:11:08.0530 0x0cfc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:11:08.0561 0x0cfc  i8042prt - ok
13:11:08.0593 0x0cfc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:11:08.0639 0x0cfc  iaStorV - ok
13:11:08.0733 0x0cfc  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:11:08.0780 0x0cfc  idsvc - ok
13:11:08.0811 0x0cfc  IEEtwCollectorService - ok
13:11:08.0858 0x0cfc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:11:08.0889 0x0cfc  iirsp - ok
13:11:08.0967 0x0cfc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
13:11:09.0092 0x0cfc  IKEEXT - ok
13:11:09.0123 0x0cfc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
13:11:09.0154 0x0cfc  intelide - ok
13:11:09.0185 0x0cfc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:11:09.0248 0x0cfc  intelppm - ok
13:11:09.0310 0x0cfc  [ F87AB0028BEC24F93519F33AEA39B90A, 17108380F71B2C453038ADE2CB92E7E91A15DE71BF07249186BCAF44BDC28733 ] Internet Enhancer Service C:\Program Files (x86)\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancerService.exe
13:11:09.0341 0x0cfc  Internet Enhancer Service - detected UnsignedFile.Multi.Generic ( 1 )
13:11:12.0118 0x0cfc  Detect skipped due to KSN trusted
13:11:12.0118 0x0cfc  Internet Enhancer Service - ok
13:11:12.0337 0x0cfc  [ C5678CCEB3E9E03639C0A0E67B132E92, 3997C2F0410C7211C32730D3D80CDE18EABAAC9F244282008490351B9A4057EB ] Internet Manager. RunOuc C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe
13:11:12.0383 0x0cfc  Internet Manager. RunOuc - detected UnsignedFile.Multi.Generic ( 1 )
13:11:15.0317 0x0cfc  Internet Manager. RunOuc ( UnsignedFile.Multi.Generic ) - warning
13:11:15.0317 0x0cfc  Force sending object to P2P due to detect: Internet Manager. RunOuc
13:11:18.0110 0x0cfc  Object send P2P result: true
13:11:20.0918 0x0cfc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:11:20.0996 0x0cfc  IPBusEnum - ok
13:11:21.0058 0x0cfc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:11:21.0121 0x0cfc  IpFilterDriver - ok
13:11:21.0167 0x0cfc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:11:21.0245 0x0cfc  iphlpsvc - ok
13:11:21.0277 0x0cfc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:11:21.0308 0x0cfc  IPMIDRV - ok
13:11:21.0323 0x0cfc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:11:21.0417 0x0cfc  IPNAT - ok
13:11:21.0479 0x0cfc  [ 635F7587F7576AA14871B850EB95BFB8, 75CB8F4D511964BB9104E93EF31D2DDF1227DACE1EDB9DE25AE9719835B6C34B ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:11:21.0526 0x0cfc  iPod Service - ok
13:11:21.0557 0x0cfc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:11:21.0604 0x0cfc  IRENUM - ok
13:11:21.0604 0x0cfc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:11:21.0635 0x0cfc  isapnp - ok
13:11:21.0667 0x0cfc  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:11:21.0698 0x0cfc  iScsiPrt - ok
13:11:21.0729 0x0cfc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:11:21.0760 0x0cfc  kbdclass - ok
13:11:21.0791 0x0cfc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
13:11:21.0807 0x0cfc  kbdhid - ok
13:11:21.0838 0x0cfc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
13:11:21.0854 0x0cfc  KeyIso - ok
13:11:21.0901 0x0cfc  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:11:21.0932 0x0cfc  KSecDD - ok
13:11:21.0979 0x0cfc  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:11:21.0994 0x0cfc  KSecPkg - ok
13:11:22.0041 0x0cfc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:11:22.0103 0x0cfc  ksthunk - ok
13:11:22.0150 0x0cfc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:11:22.0259 0x0cfc  KtmRm - ok
13:11:22.0306 0x0cfc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:11:22.0384 0x0cfc  LanmanServer - ok
13:11:22.0431 0x0cfc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:11:22.0525 0x0cfc  LanmanWorkstation - ok
13:11:22.0556 0x0cfc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:11:22.0634 0x0cfc  lltdio - ok
13:11:22.0681 0x0cfc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:11:22.0774 0x0cfc  lltdsvc - ok
13:11:22.0790 0x0cfc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:11:22.0868 0x0cfc  lmhosts - ok
13:11:22.0915 0x0cfc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:11:22.0930 0x0cfc  LSI_FC - ok
13:11:22.0961 0x0cfc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:11:22.0977 0x0cfc  LSI_SAS - ok
13:11:23.0008 0x0cfc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:11:23.0024 0x0cfc  LSI_SAS2 - ok
13:11:23.0039 0x0cfc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:11:23.0071 0x0cfc  LSI_SCSI - ok
13:11:23.0117 0x0cfc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:11:23.0195 0x0cfc  luafv - ok
13:11:23.0211 0x0cfc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:11:23.0258 0x0cfc  Mcx2Svc - ok
13:11:23.0273 0x0cfc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:11:23.0305 0x0cfc  megasas - ok
13:11:23.0336 0x0cfc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
13:11:23.0367 0x0cfc  MegaSR - ok
13:11:23.0414 0x0cfc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
13:11:23.0492 0x0cfc  MMCSS - ok
13:11:23.0523 0x0cfc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
13:11:23.0601 0x0cfc  Modem - ok
13:11:23.0632 0x0cfc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:11:23.0663 0x0cfc  monitor - ok
13:11:23.0679 0x0cfc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:11:23.0710 0x0cfc  mouclass - ok
13:11:23.0741 0x0cfc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:11:23.0757 0x0cfc  mouhid - ok
13:11:23.0773 0x0cfc  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:11:23.0804 0x0cfc  mountmgr - ok
13:11:23.0835 0x0cfc  [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:11:23.0866 0x0cfc  MozillaMaintenance - ok
13:11:23.0897 0x0cfc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:11:23.0929 0x0cfc  mpio - ok
13:11:23.0960 0x0cfc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:11:24.0038 0x0cfc  mpsdrv - ok
13:11:24.0100 0x0cfc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:11:24.0209 0x0cfc  MpsSvc - ok
13:11:24.0256 0x0cfc  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:11:24.0303 0x0cfc  MRxDAV - ok
13:11:24.0350 0x0cfc  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:11:24.0397 0x0cfc  mrxsmb - ok
13:11:24.0428 0x0cfc  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:11:24.0459 0x0cfc  mrxsmb10 - ok
13:11:24.0475 0x0cfc  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:11:24.0506 0x0cfc  mrxsmb20 - ok
13:11:24.0553 0x0cfc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:11:24.0568 0x0cfc  msahci - ok
13:11:24.0615 0x0cfc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:11:24.0646 0x0cfc  msdsm - ok
13:11:24.0693 0x0cfc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
13:11:24.0740 0x0cfc  MSDTC - ok
13:11:24.0787 0x0cfc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:11:24.0865 0x0cfc  Msfs - ok
13:11:24.0880 0x0cfc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:11:24.0958 0x0cfc  mshidkmdf - ok
13:11:24.0974 0x0cfc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:11:25.0005 0x0cfc  msisadrv - ok
13:11:25.0052 0x0cfc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:11:25.0145 0x0cfc  MSiSCSI - ok
13:11:25.0161 0x0cfc  msiserver - ok
13:11:25.0192 0x0cfc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:11:25.0270 0x0cfc  MSKSSRV - ok
13:11:25.0286 0x0cfc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:11:25.0364 0x0cfc  MSPCLOCK - ok
13:11:25.0395 0x0cfc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:11:25.0489 0x0cfc  MSPQM - ok
13:11:25.0520 0x0cfc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:11:25.0551 0x0cfc  MsRPC - ok
13:11:25.0567 0x0cfc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:11:25.0598 0x0cfc  mssmbios - ok
13:11:25.0598 0x0cfc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:11:25.0676 0x0cfc  MSTEE - ok
13:11:25.0691 0x0cfc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
13:11:25.0723 0x0cfc  MTConfig - ok
13:11:25.0723 0x0cfc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
13:11:25.0754 0x0cfc  Mup - ok
13:11:25.0801 0x0cfc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
13:11:25.0863 0x0cfc  napagent - ok
13:11:25.0910 0x0cfc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:11:25.0957 0x0cfc  NativeWifiP - ok
13:11:26.0019 0x0cfc  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:11:26.0081 0x0cfc  NDIS - ok
13:11:26.0097 0x0cfc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:11:26.0175 0x0cfc  NdisCap - ok
13:11:26.0191 0x0cfc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:11:26.0269 0x0cfc  NdisTapi - ok
13:11:26.0284 0x0cfc  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:11:26.0362 0x0cfc  Ndisuio - ok
13:11:26.0393 0x0cfc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:11:26.0471 0x0cfc  NdisWan - ok
13:11:26.0518 0x0cfc  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:11:26.0581 0x0cfc  NDProxy - ok
13:11:26.0612 0x0cfc  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
13:11:26.0659 0x0cfc  Netaapl - ok
13:11:26.0690 0x0cfc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:11:26.0768 0x0cfc  NetBIOS - ok
13:11:26.0799 0x0cfc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:11:26.0877 0x0cfc  NetBT - ok
13:11:26.0908 0x0cfc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
13:11:26.0924 0x0cfc  Netlogon - ok
13:11:26.0986 0x0cfc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
13:11:27.0080 0x0cfc  Netman - ok
13:11:27.0111 0x0cfc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:11:27.0142 0x0cfc  NetMsmqActivator - ok
13:11:27.0158 0x0cfc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:11:27.0189 0x0cfc  NetPipeActivator - ok
13:11:27.0220 0x0cfc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
13:11:27.0314 0x0cfc  netprofm - ok
13:11:27.0345 0x0cfc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:11:27.0376 0x0cfc  NetTcpActivator - ok
13:11:27.0392 0x0cfc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:11:27.0423 0x0cfc  NetTcpPortSharing - ok
13:11:27.0454 0x0cfc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:11:27.0485 0x0cfc  nfrd960 - ok
13:11:27.0517 0x0cfc  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:11:27.0579 0x0cfc  NlaSvc - ok
13:11:27.0595 0x0cfc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:11:27.0657 0x0cfc  Npfs - ok
13:11:27.0704 0x0cfc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
13:11:27.0782 0x0cfc  nsi - ok
13:11:27.0797 0x0cfc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:11:27.0875 0x0cfc  nsiproxy - ok
13:11:27.0986 0x0cfc  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:11:28.0095 0x0cfc  Ntfs - ok
13:11:28.0142 0x0cfc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
13:11:28.0204 0x0cfc  Null - ok
13:11:28.0235 0x0cfc  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:11:28.0266 0x0cfc  nvraid - ok
13:11:28.0313 0x0cfc  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:11:28.0344 0x0cfc  nvstor - ok
13:11:28.0391 0x0cfc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:11:28.0422 0x0cfc  nv_agp - ok
13:11:28.0454 0x0cfc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:11:28.0485 0x0cfc  ohci1394 - ok
13:11:28.0547 0x0cfc  [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:11:28.0563 0x0cfc  ose64 - ok
13:11:28.0844 0x0cfc  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:11:29.0114 0x0cfc  osppsvc - ok
13:11:29.0161 0x0cfc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:11:29.0223 0x0cfc  p2pimsvc - ok
13:11:29.0270 0x0cfc  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
13:11:29.0317 0x0cfc  p2psvc - ok
13:11:29.0348 0x0cfc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
13:11:29.0379 0x0cfc  Parport - ok
13:11:29.0410 0x0cfc  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:11:29.0441 0x0cfc  partmgr - ok
13:11:29.0457 0x0cfc  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:11:29.0519 0x0cfc  PcaSvc - ok
13:11:29.0566 0x0cfc  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
13:11:29.0597 0x0cfc  pci - ok
13:11:29.0629 0x0cfc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
13:11:29.0644 0x0cfc  pciide - ok
13:11:29.0675 0x0cfc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:11:29.0707 0x0cfc  pcmcia - ok
13:11:29.0738 0x0cfc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:11:29.0753 0x0cfc  pcw - ok
13:11:29.0800 0x0cfc  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:11:29.0909 0x0cfc  PEAUTH - ok
13:11:30.0019 0x0cfc  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
13:11:30.0143 0x0cfc  PeerDistSvc - ok
13:11:30.0221 0x0cfc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:11:30.0253 0x0cfc  PerfHost - ok
13:11:30.0362 0x0cfc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
13:11:30.0502 0x0cfc  pla - ok
13:11:30.0580 0x0cfc  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:11:30.0658 0x0cfc  PlugPlay - ok
13:11:30.0705 0x0cfc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:11:30.0736 0x0cfc  PNRPAutoReg - ok
13:11:30.0767 0x0cfc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:11:30.0814 0x0cfc  PNRPsvc - ok
13:11:30.0861 0x0cfc  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:11:30.0955 0x0cfc  PolicyAgent - ok
13:11:31.0001 0x0cfc  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
13:11:31.0096 0x0cfc  Power - ok
13:11:31.0127 0x0cfc  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:11:31.0205 0x0cfc  PptpMiniport - ok
13:11:31.0221 0x0cfc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
13:11:31.0268 0x0cfc  Processor - ok
13:11:31.0314 0x0cfc  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:11:31.0361 0x0cfc  ProfSvc - ok
13:11:31.0377 0x0cfc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:11:31.0408 0x0cfc  ProtectedStorage - ok
13:11:31.0439 0x0cfc  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:11:31.0517 0x0cfc  Psched - ok
13:11:31.0626 0x0cfc  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:11:31.0704 0x0cfc  ql2300 - ok
13:11:31.0751 0x0cfc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:11:31.0782 0x0cfc  ql40xx - ok
13:11:31.0814 0x0cfc  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
13:11:31.0876 0x0cfc  QWAVE - ok
13:11:31.0892 0x0cfc  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:11:31.0938 0x0cfc  QWAVEdrv - ok
13:11:31.0938 0x0cfc  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:11:32.0016 0x0cfc  RasAcd - ok
13:11:32.0033 0x0cfc  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:11:32.0095 0x0cfc  RasAgileVpn - ok
13:11:32.0142 0x0cfc  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
13:11:32.0220 0x0cfc  RasAuto - ok
13:11:32.0251 0x0cfc  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:11:32.0329 0x0cfc  Rasl2tp - ok
13:11:32.0376 0x0cfc  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
13:11:32.0454 0x0cfc  RasMan - ok
13:11:32.0485 0x0cfc  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:11:32.0579 0x0cfc  RasPppoe - ok
13:11:32.0610 0x0cfc  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:11:32.0688 0x0cfc  RasSstp - ok
13:11:32.0719 0x0cfc  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:11:32.0813 0x0cfc  rdbss - ok
13:11:32.0829 0x0cfc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
13:11:32.0875 0x0cfc  rdpbus - ok
13:11:32.0891 0x0cfc  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:11:32.0969 0x0cfc  RDPCDD - ok
13:11:33.0000 0x0cfc  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
13:11:33.0047 0x0cfc  RDPDR - ok
13:11:33.0078 0x0cfc  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:11:33.0156 0x0cfc  RDPENCDD - ok
13:11:33.0187 0x0cfc  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:11:33.0265 0x0cfc  RDPREFMP - ok
13:11:33.0343 0x0cfc  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:11:33.0390 0x0cfc  RdpVideoMiniport - ok
13:11:33.0437 0x0cfc  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:11:33.0484 0x0cfc  RDPWD - ok
13:11:33.0609 0x0cfc  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:11:33.0702 0x0cfc  rdyboost - ok
13:11:33.0811 0x0cfc  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:11:33.0921 0x0cfc  RemoteAccess - ok
13:11:33.0967 0x0cfc  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:11:34.0077 0x0cfc  RemoteRegistry - ok
13:11:34.0123 0x0cfc  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:11:34.0186 0x0cfc  RpcEptMapper - ok
13:11:34.0217 0x0cfc  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
13:11:34.0248 0x0cfc  RpcLocator - ok
13:11:34.0295 0x0cfc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
13:11:34.0389 0x0cfc  RpcSs - ok
13:11:34.0420 0x0cfc  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:11:34.0498 0x0cfc  rspndr - ok
13:11:34.0560 0x0cfc  [ ABCB5A38A0D85BDF69B7877E1AD1EED5, 44DF1A92E8FA53677A04C46088B0AD49F1F6A090820BE550A514C4FBFD91444D ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
13:11:34.0623 0x0cfc  RTL8167 - ok
13:11:34.0654 0x0cfc  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
13:11:34.0685 0x0cfc  s3cap - ok
13:11:34.0732 0x0cfc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
13:11:34.0747 0x0cfc  SamSs - ok
13:11:34.0779 0x0cfc  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:11:34.0810 0x0cfc  sbp2port - ok
13:11:34.0857 0x0cfc  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:11:34.0966 0x0cfc  SCardSvr - ok
13:11:35.0013 0x0cfc  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:11:35.0091 0x0cfc  scfilter - ok
13:11:35.0153 0x0cfc  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
13:11:35.0309 0x0cfc  Schedule - ok
13:11:35.0356 0x0cfc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:11:35.0434 0x0cfc  SCPolicySvc - ok
13:11:35.0481 0x0cfc  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
13:11:35.0527 0x0cfc  sdbus - ok
13:11:35.0574 0x0cfc  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:11:35.0621 0x0cfc  SDRSVC - ok
13:11:35.0668 0x0cfc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:11:35.0746 0x0cfc  secdrv - ok
13:11:35.0777 0x0cfc  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
13:11:35.0855 0x0cfc  seclogon - ok
13:11:35.0871 0x0cfc  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
13:11:35.0964 0x0cfc  SENS - ok
13:11:35.0980 0x0cfc  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:11:36.0027 0x0cfc  SensrSvc - ok
13:11:36.0042 0x0cfc  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
13:11:36.0089 0x0cfc  Serenum - ok
13:11:36.0120 0x0cfc  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
13:11:36.0151 0x0cfc  Serial - ok
13:11:36.0167 0x0cfc  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:11:36.0214 0x0cfc  sermouse - ok
13:11:36.0307 0x0cfc  [ C471C170BFB078DEB5CF7C270D47B529, D9D5E88266EEDEDF97B4210EC3AF89FB93EA358476F40EDBC068D2121E036438 ] Service KMSELDI C:\Program Files\KMSpico\Service_KMS.exe
13:11:36.0401 0x0cfc  Service KMSELDI - detected UnsignedFile.Multi.Generic ( 1 )
13:11:39.0178 0x0cfc  Service KMSELDI ( UnsignedFile.Multi.Generic ) - warning
13:11:41.0939 0x227c  Object required for P2P: [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid
13:11:42.0001 0x0cfc  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
13:11:42.0079 0x0cfc  SessionEnv - ok
13:11:42.0157 0x0cfc  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:11:42.0189 0x0cfc  sffdisk - ok
13:11:42.0204 0x0cfc  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:11:42.0235 0x0cfc  sffp_mmc - ok
13:11:42.0251 0x0cfc  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:11:42.0282 0x0cfc  sffp_sd - ok
13:11:42.0282 0x0cfc  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
13:11:42.0329 0x0cfc  sfloppy - ok
13:11:42.0376 0x0cfc  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:11:42.0485 0x0cfc  SharedAccess - ok
13:11:42.0532 0x0cfc  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:11:42.0625 0x0cfc  ShellHWDetection - ok
13:11:42.0672 0x0cfc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
13:11:42.0688 0x0cfc  SiSRaid2 - ok
13:11:42.0719 0x0cfc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:11:42.0750 0x0cfc  SiSRaid4 - ok
13:11:42.0813 0x0cfc  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:11:42.0844 0x0cfc  SkypeUpdate - ok
13:11:42.0875 0x0cfc  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:11:42.0953 0x0cfc  Smb - ok
13:11:43.0000 0x0cfc  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:11:43.0031 0x0cfc  SNMPTRAP - ok
13:11:43.0062 0x0cfc  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:11:43.0078 0x0cfc  spldr - ok
13:11:43.0140 0x0cfc  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
13:11:43.0203 0x0cfc  Spooler - ok
13:11:43.0390 0x0cfc  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
13:11:43.0717 0x0cfc  sppsvc - ok
13:11:43.0764 0x0cfc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:11:43.0842 0x0cfc  sppuinotify - ok
13:11:43.0889 0x0cfc  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:11:43.0967 0x0cfc  srv - ok
13:11:43.0998 0x0cfc  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:11:44.0061 0x0cfc  srv2 - ok
13:11:44.0107 0x0cfc  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:11:44.0139 0x0cfc  srvnet - ok
13:11:44.0170 0x0cfc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:11:44.0263 0x0cfc  SSDPSRV - ok
13:11:44.0373 0x0cfc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:11:44.0451 0x0cfc  SstpSvc - ok
13:11:44.0560 0x0cfc  [ 7595D53EE8E8B0BAA9A2DDDE867EBB0C, 8EBBFA456D93E63AF9D64CC95A58651E2C1B1398B6052C0E65D3005AD5AC8CB5 ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
13:11:44.0607 0x0cfc  STacSV - ok
13:11:44.0638 0x0cfc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:11:44.0653 0x0cfc  stexstor - ok
13:11:44.0716 0x0cfc  [ DFFBC024DFC7BB05B2129E05CBC7A201, CA07944B864D7F3DA673040CF6314FECCAF80B8EADAF648392AE79697DAC15B4 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
13:11:44.0731 0x227c  Object send P2P result: true
13:11:44.0794 0x0cfc  STHDA - ok
13:11:44.0856 0x0cfc  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
13:11:44.0934 0x0cfc  stisvc - ok
13:11:44.0965 0x0cfc  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
13:11:44.0997 0x0cfc  storflt - ok
13:11:45.0012 0x0cfc  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
13:11:45.0043 0x0cfc  StorSvc - ok
13:11:45.0075 0x0cfc  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
13:11:45.0090 0x0cfc  storvsc - ok
13:11:45.0121 0x0cfc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:11:45.0137 0x0cfc  swenum - ok
13:11:45.0246 0x0cfc  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
13:11:45.0293 0x0cfc  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
13:11:48.0070 0x0cfc  Detect skipped due to KSN trusted
13:11:48.0070 0x0cfc  SwitchBoard - ok
13:11:48.0179 0x0cfc  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
13:11:48.0288 0x0cfc  swprv - ok
13:11:48.0351 0x0cfc  [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
13:11:48.0382 0x0cfc  SynTP - ok
13:11:48.0491 0x0cfc  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
13:11:48.0663 0x0cfc  SysMain - ok
13:11:48.0694 0x0cfc  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:11:48.0725 0x0cfc  TabletInputService - ok
13:11:48.0756 0x0cfc  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
13:11:48.0787 0x0cfc  tap0901 - ok
13:11:48.0803 0x0cfc  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:11:48.0881 0x0cfc  TapiSrv - ok
13:11:48.0912 0x0cfc  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
13:11:48.0959 0x0cfc  TBS - ok
13:11:49.0068 0x0cfc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:11:49.0177 0x0cfc  Tcpip - ok
13:11:49.0505 0x0cfc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:11:49.0614 0x0cfc  TCPIP6 - ok
13:11:49.0661 0x0cfc  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:11:49.0692 0x0cfc  tcpipreg - ok
13:11:49.0723 0x0cfc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:11:49.0770 0x0cfc  TDPIPE - ok
13:11:49.0801 0x0cfc  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:11:49.0833 0x0cfc  TDTCP - ok
13:11:49.0895 0x0cfc  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:11:49.0942 0x0cfc  tdx - ok
13:11:49.0973 0x0cfc  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:11:49.0989 0x0cfc  TermDD - ok
13:11:50.0067 0x0cfc  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
13:11:50.0145 0x0cfc  TermService - ok
13:11:50.0176 0x0cfc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
13:11:50.0207 0x0cfc  Themes - ok
13:11:50.0238 0x0cfc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
13:11:50.0316 0x0cfc  THREADORDER - ok
13:11:50.0332 0x0cfc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
13:11:50.0425 0x0cfc  TrkWks - ok
13:11:50.0488 0x0cfc  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:11:50.0550 0x0cfc  TrustedInstaller - ok
13:11:50.0581 0x0cfc  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:11:50.0628 0x0cfc  tssecsrv - ok
13:11:50.0659 0x0cfc  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:11:50.0706 0x0cfc  TsUsbFlt - ok
13:11:50.0722 0x0cfc  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
13:11:50.0753 0x0cfc  TsUsbGD - ok
13:11:50.0815 0x0cfc  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:11:50.0893 0x0cfc  tunnel - ok
13:11:50.0909 0x0cfc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:11:50.0940 0x0cfc  uagp35 - ok
13:11:50.0987 0x0cfc  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:11:51.0081 0x0cfc  udfs - ok
13:11:51.0127 0x0cfc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:11:51.0174 0x0cfc  UI0Detect - ok
13:11:51.0190 0x0cfc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:11:51.0221 0x0cfc  uliagpkx - ok
13:11:51.0252 0x0cfc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:11:51.0283 0x0cfc  umbus - ok
13:11:51.0299 0x0cfc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
13:11:51.0330 0x0cfc  UmPass - ok
13:11:51.0361 0x0cfc  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
13:11:51.0408 0x0cfc  UmRdpService - ok
13:11:51.0408 0x0cfc  Update RightSurf - ok
13:11:51.0455 0x0cfc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
13:11:51.0564 0x0cfc  upnphost - ok
13:11:51.0627 0x0cfc  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
13:11:51.0658 0x0cfc  USBAAPL64 - ok
13:11:51.0689 0x0cfc  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
13:11:51.0736 0x0cfc  usbaudio - ok
13:11:51.0767 0x0cfc  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:11:51.0814 0x0cfc  usbccgp - ok
13:11:51.0845 0x0cfc  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:11:51.0907 0x0cfc  usbcir - ok
13:11:51.0954 0x0cfc  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:11:51.0985 0x0cfc  usbehci - ok
13:11:52.0017 0x0cfc  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:11:52.0079 0x0cfc  usbhub - ok
13:11:52.0095 0x0cfc  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
13:11:52.0126 0x0cfc  usbohci - ok
13:11:52.0157 0x0cfc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:11:52.0188 0x0cfc  usbprint - ok
13:11:52.0219 0x0cfc  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
13:11:52.0266 0x0cfc  usbscan - ok
13:11:52.0282 0x0cfc  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:11:52.0344 0x0cfc  USBSTOR - ok
13:11:52.0375 0x0cfc  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
13:11:52.0391 0x0cfc  usbuhci - ok
13:11:52.0438 0x0cfc  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
13:11:52.0485 0x0cfc  usbvideo - ok
13:11:52.0500 0x0cfc  Util RightSurf - ok
13:11:52.0531 0x0cfc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
13:11:52.0609 0x0cfc  UxSms - ok
13:11:52.0625 0x0cfc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
13:11:52.0641 0x0cfc  VaultSvc - ok
13:11:52.0687 0x0cfc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:11:52.0703 0x0cfc  vdrvroot - ok
13:11:52.0750 0x0cfc  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
13:11:52.0843 0x0cfc  vds - ok
13:11:52.0875 0x0cfc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:11:52.0906 0x0cfc  vga - ok
13:11:52.0937 0x0cfc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:11:52.0999 0x0cfc  VgaSave - ok
13:11:53.0062 0x0cfc  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:11:53.0093 0x0cfc  vhdmp - ok
13:11:53.0124 0x0cfc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:11:53.0140 0x0cfc  viaide - ok
13:11:53.0171 0x0cfc  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
13:11:53.0202 0x0cfc  vmbus - ok
13:11:53.0218 0x0cfc  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
13:11:53.0265 0x0cfc  VMBusHID - ok
13:11:53.0280 0x0cfc  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:11:53.0311 0x0cfc  volmgr - ok
13:11:53.0343 0x0cfc  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:11:53.0389 0x0cfc  volmgrx - ok
13:11:53.0421 0x0cfc  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:11:53.0452 0x0cfc  volsnap - ok
13:11:53.0483 0x0cfc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:11:53.0514 0x0cfc  vsmraid - ok
13:11:53.0608 0x0cfc  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
13:11:53.0811 0x0cfc  VSS - ok
13:11:53.0857 0x0cfc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
13:11:53.0889 0x0cfc  vwifibus - ok
13:11:53.0935 0x0cfc  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:11:53.0967 0x0cfc  vwififlt - ok
13:11:53.0998 0x0cfc  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
13:11:54.0029 0x0cfc  vwifimp - ok
13:11:54.0076 0x0cfc  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
13:11:54.0154 0x0cfc  W32Time - ok
13:11:54.0247 0x0cfc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:11:54.0310 0x0cfc  WacomPen - ok
13:11:54.0325 0x0cfc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:11:54.0403 0x0cfc  WANARP - ok
13:11:54.0419 0x0cfc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:11:54.0481 0x0cfc  Wanarpv6 - ok
13:11:54.0747 0x0cfc  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:11:54.0825 0x0cfc  WatAdminSvc - ok
13:11:54.0918 0x0cfc  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
13:11:55.0043 0x0cfc  wbengine - ok
13:11:55.0074 0x0cfc  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:11:55.0137 0x0cfc  WbioSrvc - ok
13:11:55.0261 0x0cfc  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:11:55.0324 0x0cfc  wcncsvc - ok
13:11:55.0355 0x0cfc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:11:55.0386 0x0cfc  WcsPlugInService - ok
13:11:55.0417 0x0cfc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
13:11:55.0449 0x0cfc  Wd - ok
13:11:55.0495 0x0cfc  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:11:55.0558 0x0cfc  Wdf01000 - ok
13:11:55.0620 0x0cfc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:11:55.0714 0x0cfc  WdiServiceHost - ok
13:11:55.0714 0x0cfc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:11:55.0761 0x0cfc  WdiSystemHost - ok
13:11:55.0792 0x0cfc  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
13:11:55.0839 0x0cfc  WebClient - ok
13:11:55.0870 0x0cfc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:11:55.0963 0x0cfc  Wecsvc - ok
13:11:55.0995 0x0cfc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:11:56.0073 0x0cfc  wercplsupport - ok
13:11:56.0104 0x0cfc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:11:56.0166 0x0cfc  WerSvc - ok
13:11:56.0229 0x0cfc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:11:56.0291 0x0cfc  WfpLwf - ok
13:11:56.0322 0x0cfc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:11:56.0338 0x0cfc  WIMMount - ok
13:11:56.0369 0x0cfc  WinDefend - ok
13:11:56.0385 0x0cfc  WinHttpAutoProxySvc - ok
13:11:56.0447 0x0cfc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:11:56.0525 0x0cfc  Winmgmt - ok
13:11:56.0650 0x0cfc  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
13:11:56.0806 0x0cfc  WinRM - ok
13:11:56.0853 0x0cfc  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:11:56.0899 0x0cfc  WinUsb - ok
13:11:56.0962 0x0cfc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:11:57.0055 0x0cfc  Wlansvc - ok
13:11:57.0087 0x0cfc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:11:57.0118 0x0cfc  WmiAcpi - ok
13:11:57.0149 0x0cfc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:11:57.0211 0x0cfc  wmiApSrv - ok
13:11:57.0227 0x0cfc  WMPNetworkSvc - ok
13:11:57.0258 0x0cfc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:11:57.0305 0x0cfc  WPCSvc - ok
13:11:57.0321 0x0cfc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:11:57.0367 0x0cfc  WPDBusEnum - ok
13:11:57.0399 0x0cfc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:11:57.0477 0x0cfc  ws2ifsl - ok
13:11:57.0508 0x0cfc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
13:11:57.0539 0x0cfc  wscsvc - ok
13:11:57.0555 0x0cfc  WSearch - ok
13:11:57.0695 0x0cfc  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:11:57.0835 0x0cfc  wuauserv - ok
13:11:57.0867 0x0cfc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:11:57.0929 0x0cfc  WudfPf - ok
13:11:57.0945 0x0cfc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:11:57.0991 0x0cfc  WUDFRd - ok
13:11:58.0007 0x0cfc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:11:58.0038 0x0cfc  wudfsvc - ok
13:11:58.0085 0x0cfc  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:11:58.0132 0x0cfc  WwanSvc - ok
13:11:58.0179 0x0cfc  ================ Scan global ===============================
13:11:58.0210 0x0cfc  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:11:58.0257 0x0cfc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
13:11:58.0288 0x0cfc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
13:11:58.0319 0x0cfc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:11:58.0366 0x0cfc  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
13:11:58.0381 0x0cfc  [ Global ] - ok
13:11:58.0381 0x0cfc  ================ Scan MBR ==================================
13:11:58.0397 0x0cfc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:11:59.0317 0x0cfc  \Device\Harddisk0\DR0 - ok
13:11:59.0333 0x0cfc  ================ Scan VBR ==================================
13:11:59.0364 0x0cfc  [ C7132D7EF4281D2D373864CA49F586BF ] \Device\Harddisk0\DR0\Partition1
13:11:59.0364 0x0cfc  \Device\Harddisk0\DR0\Partition1 - ok
13:11:59.0364 0x0cfc  [ EE0089E2B868FC8C265E7537009B43AC ] \Device\Harddisk0\DR0\Partition2
13:11:59.0380 0x0cfc  \Device\Harddisk0\DR0\Partition2 - ok
13:11:59.0380 0x0cfc  [ 478516D8FA8F92E12E245B4B625C204A ] \Device\Harddisk0\DR0\Partition3
13:11:59.0380 0x0cfc  \Device\Harddisk0\DR0\Partition3 - ok
13:11:59.0380 0x0cfc  ================ Scan generic autorun ======================
13:11:59.0442 0x0cfc  [ 2EEED500C1EC095CB3D0DE7A3C7E4278, 06D0DC42A7DE207D675A0DE69001D20941FC0B8D067504CD8B56DD0B952A5ACE ] C:\Program Files\IDT\WDM\sttray64.exe
13:11:59.0489 0x0cfc  SysTrayApp - ok
13:11:59.0489 0x0cfc  SynTPEnh - ok
13:11:59.0598 0x0cfc  [ BDBF2A7AD6CF18F2A7FBC431692B7B96, 73A91EC0E78773B4138132D5D6D4C8A702116C4BF7D1D986B52BE0070F19E5FC ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
13:11:59.0629 0x0cfc  AdobeAAMUpdater-1.0 - ok
13:11:59.0676 0x0cfc  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
13:11:59.0723 0x0cfc  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
13:11:59.0723 0x0cfc  Detect skipped due to KSN trusted
13:11:59.0723 0x0cfc  SwitchBoard - ok
13:11:59.0832 0x0cfc  [ 3EE19173AC7BB16AD239B195D97C13B0, A9E5FC90F20DC7500A186C9D184ED55BC04038FFC6D97714E64C660EAE808A98 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
13:11:59.0895 0x0cfc  AdobeCS6ServiceManager - ok
13:11:59.0988 0x0cfc  [ A162B967A88BF374A81E01EF6E7A2655, 3616D7DDF72964EB1C7C40E45CCEFD7116252607068AEB9FB093F20064FB5BA2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
13:12:00.0035 0x0cfc  avgnt - ok
13:12:00.0175 0x0cfc  [ 49161D25F38D52B026AA6B718E9F05B8, 80CEE409BC07722C3092393817A8C771469331EC12FFD6200A6E7CD302C0E11F ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
13:12:00.0316 0x0cfc  Adobe Creative Cloud - ok
13:12:00.0378 0x0cfc  [ 5100ADC704F2D6CE3DF8C0D5105D6C84, BD46EE57F881EDAB63A0540186D9471F4C70F3E4D72F1C52D72DD9BADF9E7334 ] C:\Program Files (x86)\PDF24\pdf24.exe
13:12:00.0409 0x0cfc  PDFPrint - ok
13:12:00.0472 0x0cfc  [ D88B2D487439305A2EC308A6796C3044, 79DF0A41ECB08D5BEB3393B2BA15E6C88AD626803E1734EFBA0DBE4ECF7274D7 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
13:12:00.0487 0x0cfc  iTunesHelper - ok
13:12:00.0534 0x0cfc  [ 14D6542607ACD4B2D1DDB1A36E0D8813, 3A270600549E8E7988D5AF3486C0F504269B9573393D87BF87BDB2287BF007B2 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
13:12:00.0565 0x0cfc  SunJavaUpdateSched - ok
13:12:00.0612 0x0cfc  [ BA18CFAB98426BFA6D6EC7E5B1961ED0, 540BF2CFDB099296F2AA24D192EFC5B013C88C0152763454521355ACBB50337D ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
13:12:00.0643 0x0cfc  Avira Systray - ok
13:12:00.0753 0x0cfc  [ 34560253EF56416ED5F9192AA258407E, 1915FED010A852C65A4BF809D9DC8E8C96ECCABFC6707F1EBA946630F4E56CAF ] C:\Program Files (x86)\Trojan Remover\Trjscan.exe
13:12:00.0846 0x0cfc  TrojanScanner - ok
13:12:00.0955 0x0cfc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:12:01.0080 0x0cfc  Sidebar - ok
13:12:01.0096 0x0cfc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:12:01.0143 0x0cfc  mctadmin - ok
13:12:01.0221 0x0cfc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:12:01.0299 0x0cfc  Sidebar - ok
13:12:01.0314 0x0cfc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:12:01.0361 0x0cfc  mctadmin - ok
13:12:01.0361 0x0cfc  LiveSupport - ok
13:12:01.0455 0x0cfc  [ 48C3EBD6D5E52AFCB1A0FA9B7F9802FA, 4F2E27AA8305FFC94F65C65C5FDB8462C92ED02A7B37627404382C3CAB65AC59 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
13:12:01.0470 0x0cfc  iCloudServices - ok
13:12:01.0501 0x0cfc  [ 799BCC829F48F19C5689478179060435, 495C6E363982F7BE1785A46C12ED4AC99E0AF98F340F1CE3C55D39EBE6FE33AA ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
13:12:01.0517 0x0cfc  ApplePhotoStreams - ok
13:12:01.0533 0x0cfc  FlashPlayerUpdate - ok
13:12:01.0533 0x0cfc  Waiting for KSN requests completion. In queue: 138
13:12:02.0547 0x0cfc  Waiting for KSN requests completion. In queue: 138
13:12:03.0561 0x0cfc  Waiting for KSN requests completion. In queue: 138
13:12:04.0575 0x0cfc  Waiting for KSN requests completion. In queue: 138
13:12:05.0589 0x0cfc  Waiting for KSN requests completion. In queue: 138
13:12:06.0603 0x0cfc  Waiting for KSN requests completion. In queue: 138
13:12:07.0617 0x0cfc  Waiting for KSN requests completion. In queue: 138
13:12:08.0631 0x0cfc  Waiting for KSN requests completion. In queue: 138
13:12:09.0645 0x0cfc  Waiting for KSN requests completion. In queue: 138
13:12:10.0659 0x0cfc  Waiting for KSN requests completion. In queue: 138
13:12:11.0673 0x0cfc  Waiting for KSN requests completion. In queue: 138
13:12:12.0687 0x0cfc  Waiting for KSN requests completion. In queue: 138
13:12:13.0701 0x0cfc  Waiting for KSN requests completion. In queue: 138
13:12:14.0715 0x0cfc  Waiting for KSN requests completion. In queue: 138
13:12:15.0807 0x0cfc  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.440 ), 0x40000 ( disabled : updated )
13:12:15.0822 0x0cfc  Win FW state via NFP2: disabled
13:12:18.0552 0x0cfc  ============================================================
13:12:18.0552 0x0cfc  Scan finished
13:12:18.0552 0x0cfc  ============================================================
13:12:18.0568 0x3348  Detected object count: 2
13:12:18.0568 0x3348  Actual detected object count: 2
13:14:20.0175 0x3348  Internet Manager. RunOuc ( UnsignedFile.Multi.Generic ) - skipped by user
13:14:20.0175 0x3348  Internet Manager. RunOuc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:14:20.0175 0x3348  Service KMSELDI ( UnsignedFile.Multi.Generic ) - skipped by user
13:14:20.0175 0x3348  Service KMSELDI ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
__________________

Alt 02.02.2015, 12:21   #4
formelphotos
 
Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser - Standard

Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser



Habe den TDSS noch einmal laufen lassen, wieder 2 Threats gefunden:
Code:
ATTFilter
13:19:00.0427 0x3004  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
13:19:05.0529 0x3004  ============================================================
13:19:05.0529 0x3004  Current date / time: 2015/02/02 13:19:05.0529
13:19:05.0529 0x3004  SystemInfo:
13:19:05.0529 0x3004  
13:19:05.0529 0x3004  OS Version: 6.1.7601 ServicePack: 1.0
13:19:05.0529 0x3004  Product type: Workstation
13:19:05.0529 0x3004  ComputerName: DIRK-PC
13:19:05.0529 0x3004  UserName: Dirk
13:19:05.0529 0x3004  Windows directory: C:\Windows
13:19:05.0529 0x3004  System windows directory: C:\Windows
13:19:05.0529 0x3004  Running under WOW64
13:19:05.0529 0x3004  Processor architecture: Intel x64
13:19:05.0529 0x3004  Number of processors: 2
13:19:05.0529 0x3004  Page size: 0x1000
13:19:05.0529 0x3004  Boot type: Normal boot
13:19:05.0529 0x3004  ============================================================
13:19:07.0525 0x3004  KLMD registered as C:\Windows\system32\drivers\88839233.sys
13:19:07.0697 0x3004  System UUID: {AD9A45AA-41BE-88E7-9F72-A5C7514600F3}
13:19:08.0321 0x3004  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:19:08.0337 0x3004  ============================================================
13:19:08.0337 0x3004  \Device\Harddisk0\DR0:
13:19:08.0337 0x3004  MBR partitions:
13:19:08.0337 0x3004  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:19:08.0337 0x3004  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1866D800
13:19:08.0337 0x3004  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x186A0000, BlocksNum 0x21CE5800
13:19:08.0337 0x3004  ============================================================
13:19:08.0461 0x3004  C: <-> \Device\Harddisk0\DR0\Partition2
13:19:08.0508 0x3004  D: <-> \Device\Harddisk0\DR0\Partition3
13:19:08.0508 0x3004  ============================================================
13:19:08.0508 0x3004  Initialize success
13:19:08.0508 0x3004  ============================================================
13:19:15.0700 0x46bc  ============================================================
13:19:15.0700 0x46bc  Scan started
13:19:15.0700 0x46bc  Mode: Manual; SigCheck; TDLFS; 
13:19:15.0700 0x46bc  ============================================================
13:19:15.0700 0x46bc  KSN ping started
13:19:18.0414 0x46bc  KSN ping finished: true
13:19:19.0615 0x46bc  ================ Scan system memory ========================
13:19:19.0615 0x46bc  System memory - ok
13:19:19.0615 0x46bc  ================ Scan services =============================
13:19:19.0756 0x46bc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
13:19:19.0865 0x46bc  1394ohci - ok
13:19:19.0896 0x46bc  [ 5C368F4B04ED2A923E6AFCA2D37BAFF5, C3CC58D636B18DF77C4C4B384AD1DE78418716A0606E564DBC63782D5EA02905 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
13:19:19.0927 0x46bc  Accelerometer - ok
13:19:19.0959 0x46bc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:19:19.0990 0x46bc  ACPI - ok
13:19:20.0021 0x46bc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:19:20.0052 0x46bc  AcpiPmi - ok
13:19:20.0177 0x46bc  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:19:20.0193 0x46bc  AdobeARMservice - ok
13:19:20.0302 0x46bc  [ A2A9C100FE1BE20A76C0B80D4CA44103, C34B4A31C8563E29EC6A3D318C40075F43C891C23D156F53EE2102C959B7887F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:19:20.0333 0x46bc  AdobeFlashPlayerUpdateSvc - ok
13:19:20.0380 0x46bc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:19:20.0427 0x46bc  adp94xx - ok
13:19:20.0489 0x46bc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:19:20.0520 0x46bc  adpahci - ok
13:19:20.0551 0x46bc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:19:20.0583 0x46bc  adpu320 - ok
13:19:20.0614 0x46bc  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:19:20.0692 0x46bc  AeLookupSvc - ok
13:19:20.0785 0x46bc  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
13:19:20.0817 0x46bc  AESTFilters - ok
13:19:20.0879 0x46bc  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
13:19:20.0941 0x46bc  AFD - ok
13:19:20.0988 0x46bc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
13:19:21.0019 0x46bc  agp440 - ok
13:19:21.0051 0x46bc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
13:19:21.0082 0x46bc  ALG - ok
13:19:21.0113 0x46bc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:19:21.0129 0x46bc  aliide - ok
13:19:21.0175 0x46bc  [ D696F317BD465A602566F8E1DCCE15F7, 6CE77CD4221C0854986F760D1944DF9F4255192D99630D43A0527A6D58D83406 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:19:21.0207 0x46bc  AMD External Events Utility - ok
13:19:21.0222 0x46bc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
13:19:21.0238 0x46bc  amdide - ok
13:19:21.0285 0x46bc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
13:19:21.0300 0x46bc  AmdK8 - ok
13:19:21.0316 0x46bc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
13:19:21.0347 0x46bc  AmdPPM - ok
13:19:21.0394 0x46bc  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:19:21.0409 0x46bc  amdsata - ok
13:19:21.0441 0x46bc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
13:19:21.0472 0x46bc  amdsbs - ok
13:19:21.0487 0x46bc  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:19:21.0519 0x46bc  amdxata - ok
13:19:21.0597 0x46bc  [ C2700D35AA42311A32DF7EA09630B401, 35B305916DB91EBC86CA70AF23140684F57CF527A0ADE099A79610335C61E861 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
13:19:21.0628 0x46bc  AntiVirSchedulerService - ok
13:19:21.0690 0x46bc  [ C2700D35AA42311A32DF7EA09630B401, 35B305916DB91EBC86CA70AF23140684F57CF527A0ADE099A79610335C61E861 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
13:19:21.0721 0x46bc  AntiVirService - ok
13:19:21.0768 0x46bc  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
13:19:21.0831 0x46bc  AppID - ok
13:19:21.0862 0x46bc  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:19:21.0924 0x46bc  AppIDSvc - ok
13:19:21.0955 0x46bc  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
13:19:21.0971 0x46bc  Appinfo - ok
13:19:22.0065 0x46bc  [ 608D6A90E989C6522F170E5526A64BF4, 36EDD07DF6BD2D20121F63CF720C289FCCF7C53574D37F99C2F9ED68298D655B ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:19:22.0080 0x46bc  Apple Mobile Device - ok
13:19:22.0127 0x46bc  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
13:19:22.0158 0x46bc  AppMgmt - ok
13:19:22.0189 0x46bc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
13:19:22.0221 0x46bc  arc - ok
13:19:22.0252 0x46bc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:19:22.0283 0x46bc  arcsas - ok
13:19:22.0392 0x46bc  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:19:22.0423 0x46bc  aspnet_state - ok
13:19:22.0455 0x46bc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:19:22.0517 0x46bc  AsyncMac - ok
13:19:22.0564 0x46bc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
13:19:22.0595 0x46bc  atapi - ok
13:19:22.0891 0x46bc  [ 52BD95CAA9CAE8977FE043E9AD6D2D0E, E96DD29A2FCE1403340CB29D34F657DF17F483F62A2E8E24890F9BC4812B2971 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:19:23.0188 0x46bc  atikmdag - ok
13:19:23.0266 0x46bc  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:19:23.0328 0x46bc  AudioEndpointBuilder - ok
13:19:23.0375 0x46bc  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:19:23.0437 0x46bc  AudioSrv - ok
13:19:23.0500 0x46bc  [ 1B87A1F2FA5B91AC1A7D171B8D952441, 4CB21F6567021DAE6B2E35B9BA84D015580E2DDFEBEB1AA9637BD93F42883DD2 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
13:19:23.0515 0x46bc  avgntflt - ok
13:19:23.0578 0x46bc  [ AF61774060F277FE45CBD3A9A8E7D45A, 2F96DC9735BAF017603D72A258BF7A772BF8C4AFECB5AA0CAD8F8E3CCAA0F2B5 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
13:19:23.0593 0x46bc  avipbb - ok
13:19:23.0671 0x46bc  [ 6F77BBB8FC69D26132309EB4CE7A4E0E, 39E1E20F7CE6B2A784765BB1BE3AC539EDD2889880F78D14C340129E9DB7A43E ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
13:19:23.0703 0x46bc  Avira.OE.ServiceHost - ok
13:19:23.0734 0x46bc  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
13:19:23.0749 0x46bc  avkmgr - ok
13:19:23.0796 0x46bc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:19:23.0843 0x46bc  AxInstSV - ok
13:19:23.0890 0x46bc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
13:19:23.0937 0x46bc  b06bdrv - ok
13:19:23.0983 0x46bc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:19:24.0030 0x46bc  b57nd60a - ok
13:19:24.0202 0x46bc  [ FB4FDA64F2E8552EAEB5986C3F34462C, EFC81E1227339FC721B926633BE15B5476A161452D6D054455F4B1FE87D9B891 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
13:19:24.0327 0x46bc  BCM43XX - ok
13:19:24.0373 0x46bc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:19:24.0405 0x46bc  BDESVC - ok
13:19:24.0420 0x46bc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:19:24.0483 0x46bc  Beep - ok
13:19:24.0529 0x46bc  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
13:19:24.0592 0x46bc  BFE - ok
13:19:24.0654 0x46bc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
13:19:24.0763 0x46bc  BITS - ok
13:19:24.0810 0x46bc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:19:24.0826 0x46bc  blbdrive - ok
13:19:24.0904 0x46bc  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:19:24.0935 0x46bc  Bonjour Service - ok
13:19:24.0997 0x46bc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:19:25.0029 0x46bc  bowser - ok
13:19:25.0075 0x46bc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
13:19:25.0091 0x46bc  BrFiltLo - ok
13:19:25.0107 0x46bc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
13:19:25.0138 0x46bc  BrFiltUp - ok
13:19:25.0169 0x46bc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
13:19:25.0200 0x46bc  Browser - ok
13:19:25.0231 0x46bc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:19:25.0263 0x46bc  Brserid - ok
13:19:25.0278 0x46bc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:19:25.0309 0x46bc  BrSerWdm - ok
13:19:25.0325 0x46bc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:19:25.0356 0x46bc  BrUsbMdm - ok
13:19:25.0356 0x46bc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:19:25.0387 0x46bc  BrUsbSer - ok
13:19:25.0419 0x46bc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:19:25.0450 0x46bc  BTHMODEM - ok
13:19:25.0481 0x46bc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
13:19:25.0543 0x46bc  bthserv - ok
13:19:25.0575 0x46bc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:19:25.0653 0x46bc  cdfs - ok
13:19:25.0699 0x46bc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:19:25.0746 0x46bc  cdrom - ok
13:19:25.0777 0x46bc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:19:25.0840 0x46bc  CertPropSvc - ok
13:19:25.0871 0x46bc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
13:19:25.0902 0x46bc  circlass - ok
13:19:25.0933 0x46bc  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
13:19:25.0965 0x46bc  CLFS - ok
13:19:26.0043 0x46bc  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:19:26.0058 0x46bc  clr_optimization_v2.0.50727_32 - ok
13:19:26.0105 0x46bc  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:19:26.0136 0x46bc  clr_optimization_v2.0.50727_64 - ok
13:19:26.0214 0x46bc  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:19:26.0245 0x46bc  clr_optimization_v4.0.30319_32 - ok
13:19:26.0261 0x46bc  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:19:26.0292 0x46bc  clr_optimization_v4.0.30319_64 - ok
13:19:26.0323 0x46bc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:19:26.0355 0x46bc  CmBatt - ok
13:19:26.0370 0x46bc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:19:26.0386 0x46bc  cmdide - ok
13:19:26.0464 0x46bc  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
13:19:26.0526 0x46bc  CNG - ok
13:19:26.0542 0x46bc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
13:19:26.0573 0x46bc  Compbatt - ok
13:19:26.0589 0x46bc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
13:19:26.0620 0x46bc  CompositeBus - ok
13:19:26.0635 0x46bc  COMSysApp - ok
13:19:26.0651 0x46bc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:19:26.0682 0x46bc  crcdisk - ok
13:19:26.0729 0x46bc  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:19:26.0760 0x46bc  CryptSvc - ok
13:19:26.0807 0x46bc  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
13:19:26.0854 0x46bc  CSC - ok
13:19:26.0901 0x46bc  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
13:19:26.0963 0x46bc  CscService - ok
13:19:27.0010 0x46bc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:19:27.0103 0x46bc  DcomLaunch - ok
13:19:27.0150 0x46bc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
13:19:27.0228 0x46bc  defragsvc - ok
13:19:27.0244 0x46bc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:19:27.0306 0x46bc  DfsC - ok
13:19:27.0369 0x46bc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:19:27.0400 0x46bc  Dhcp - ok
13:19:27.0431 0x46bc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
13:19:27.0493 0x46bc  discache - ok
13:19:27.0525 0x46bc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
13:19:27.0556 0x46bc  Disk - ok
13:19:27.0587 0x46bc  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
13:19:27.0618 0x46bc  dmvsc - ok
13:19:27.0649 0x46bc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:19:27.0681 0x46bc  Dnscache - ok
13:19:27.0712 0x46bc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:19:27.0790 0x46bc  dot3svc - ok
13:19:27.0805 0x46bc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
13:19:27.0883 0x46bc  DPS - ok
13:19:28.0024 0x46bc  [ 08EE57B20D4508B24A7E3619F10F5FD3, 2506E2D0429B44D4A0F0781BC9D2C631CE809634080FFA0612F03FE6391F61C4 ] DragonUpdater   C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
13:19:28.0133 0x46bc  DragonUpdater - ok
13:19:28.0195 0x46bc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:19:28.0211 0x46bc  drmkaud - ok
13:19:28.0289 0x46bc  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:19:28.0351 0x46bc  DXGKrnl - ok
13:19:28.0414 0x46bc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
13:19:28.0492 0x46bc  EapHost - ok
13:19:28.0679 0x46bc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
13:19:28.0866 0x46bc  ebdrv - ok
13:19:28.0913 0x46bc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
13:19:28.0929 0x46bc  EFS - ok
13:19:29.0007 0x46bc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:19:29.0053 0x46bc  ehRecvr - ok
13:19:29.0085 0x46bc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
13:19:29.0116 0x46bc  ehSched - ok
13:19:29.0178 0x46bc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:19:29.0225 0x46bc  elxstor - ok
13:19:29.0241 0x46bc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:19:29.0272 0x46bc  ErrDev - ok
13:19:29.0334 0x46bc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
13:19:29.0412 0x46bc  EventSystem - ok
13:19:29.0459 0x46bc  [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev     C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
13:19:29.0490 0x46bc  ew_hwusbdev - ok
13:19:29.0537 0x46bc  [ FF82FE59664304F75FC56EC0E92796F0, 943DF1D66BAC8EDDF45E77E2E17136ADBD2A5378BBFA93D2C78C16FEC5A7F14F ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
13:19:29.0553 0x46bc  ew_usbenumfilter - ok
13:19:29.0584 0x46bc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:19:29.0662 0x46bc  exfat - ok
13:19:29.0709 0x46bc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:19:29.0787 0x46bc  fastfat - ok
13:19:29.0833 0x46bc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
13:19:29.0896 0x46bc  Fax - ok
13:19:29.0911 0x46bc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
13:19:29.0943 0x46bc  fdc - ok
13:19:29.0974 0x46bc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
13:19:30.0036 0x46bc  fdPHost - ok
13:19:30.0067 0x46bc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:19:30.0145 0x46bc  FDResPub - ok
13:19:30.0161 0x46bc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:19:30.0192 0x46bc  FileInfo - ok
13:19:30.0208 0x46bc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:19:30.0270 0x46bc  Filetrace - ok
13:19:30.0301 0x46bc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
13:19:30.0333 0x46bc  flpydisk - ok
13:19:30.0364 0x46bc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:19:30.0395 0x46bc  FltMgr - ok
13:19:30.0473 0x46bc  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
13:19:30.0567 0x46bc  FontCache - ok
13:19:30.0613 0x46bc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:19:30.0645 0x46bc  FontCache3.0.0.0 - ok
13:19:30.0660 0x46bc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:19:30.0676 0x46bc  FsDepends - ok
13:19:30.0707 0x46bc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:19:30.0738 0x46bc  Fs_Rec - ok
13:19:30.0769 0x46bc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:19:30.0816 0x46bc  fvevol - ok
13:19:30.0847 0x46bc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:19:30.0863 0x46bc  gagp30kx - ok
13:19:30.0910 0x46bc  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:19:30.0925 0x46bc  GEARAspiWDM - ok
13:19:30.0988 0x46bc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:19:31.0081 0x46bc  gpsvc - ok
13:19:31.0144 0x46bc  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:19:31.0159 0x46bc  gupdate - ok
13:19:31.0191 0x46bc  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:19:31.0206 0x46bc  gupdatem - ok
13:19:31.0237 0x46bc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:19:31.0269 0x46bc  hcw85cir - ok
13:19:31.0315 0x46bc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:19:31.0362 0x46bc  HdAudAddService - ok
13:19:31.0409 0x46bc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:19:31.0440 0x46bc  HDAudBus - ok
13:19:31.0456 0x46bc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
13:19:31.0487 0x46bc  HidBatt - ok
13:19:31.0503 0x46bc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:19:31.0534 0x46bc  HidBth - ok
13:19:31.0549 0x46bc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:19:31.0581 0x46bc  HidIr - ok
13:19:31.0612 0x46bc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
13:19:31.0674 0x46bc  hidserv - ok
13:19:31.0721 0x46bc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:19:31.0737 0x46bc  HidUsb - ok
13:19:31.0768 0x46bc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:19:31.0830 0x46bc  hkmsvc - ok
13:19:31.0861 0x46bc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:19:31.0908 0x46bc  HomeGroupListener - ok
13:19:31.0939 0x46bc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:19:31.0971 0x46bc  HomeGroupProvider - ok
13:19:32.0017 0x46bc  [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
13:19:32.0033 0x46bc  hpdskflt - ok
13:19:32.0080 0x46bc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:19:32.0095 0x46bc  HpSAMD - ok
13:19:32.0111 0x46bc  [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv           C:\Windows\system32\Hpservice.exe
13:19:32.0142 0x46bc  hpsrv - ok
13:19:32.0205 0x46bc  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:19:32.0298 0x46bc  HTTP - ok
13:19:32.0345 0x46bc  [ 4205571B46BAF3A43D43A9804810DF9A, 65F971AD054810113EE5057E3B4FFF611BBE299671C8017E6E5B0F16FC4D58AE ] huawei_cdcacm   C:\Windows\system32\DRIVERS\ew_jucdcacm.sys
13:19:32.0376 0x46bc  huawei_cdcacm - ok
13:19:32.0407 0x46bc  [ F6C1661C55EAAD2DD9FBB37D5DF1A011, 8511A28F6FAECCBB86342B9490158C2E1031B6161DAD702D0DC2991366DB28DA ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
13:19:32.0423 0x46bc  huawei_enumerator - ok
13:19:32.0454 0x46bc  [ F7D991E5EA0433DBAEEE186CAD2BEBC9, D051ECAABFEBFCBBA548964DCCDD29DD996814AF4B01AE11B244584BD0FBD82B ] huawei_ext_ctrl C:\Windows\system32\DRIVERS\ew_juextctrl.sys
13:19:32.0485 0x46bc  huawei_ext_ctrl - ok
13:19:32.0517 0x46bc  [ 06D9644E6BD7AD1C18B78D4D4EE87586, CEA690D0E86993DE9E92118C1E545C2AA0498606A721382734B5B0FD5BBFA7C0 ] huawei_wwanecm  C:\Windows\system32\DRIVERS\ew_juwwanecm.sys
13:19:32.0548 0x46bc  huawei_wwanecm - ok
13:19:32.0657 0x46bc  [ E90DA42B87D684DEBFB73B38A718A006, BB18C63C1982F5CB99C9B65D2B801E8C1909AD7CD0171326DC0015D6B781B451 ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe
13:19:32.0688 0x46bc  HWDeviceService64.exe - ok
13:19:32.0719 0x46bc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:19:32.0735 0x46bc  hwpolicy - ok
13:19:32.0782 0x46bc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:19:32.0797 0x46bc  i8042prt - ok
13:19:32.0844 0x46bc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:19:32.0891 0x46bc  iaStorV - ok
13:19:32.0969 0x46bc  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:19:33.0016 0x46bc  idsvc - ok
13:19:33.0047 0x46bc  IEEtwCollectorService - ok
13:19:33.0094 0x46bc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:19:33.0125 0x46bc  iirsp - ok
13:19:33.0187 0x46bc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
13:19:33.0265 0x46bc  IKEEXT - ok
13:19:33.0281 0x46bc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
13:19:33.0312 0x46bc  intelide - ok
13:19:33.0343 0x46bc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:19:33.0375 0x46bc  intelppm - ok
13:19:33.0468 0x46bc  [ F87AB0028BEC24F93519F33AEA39B90A, 17108380F71B2C453038ADE2CB92E7E91A15DE71BF07249186BCAF44BDC28733 ] Internet Enhancer Service C:\Program Files (x86)\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancerService.exe
13:19:33.0484 0x46bc  Internet Enhancer Service - detected UnsignedFile.Multi.Generic ( 1 )
13:19:36.0261 0x46bc  Detect skipped due to KSN trusted
13:19:36.0261 0x46bc  Internet Enhancer Service - ok
13:19:36.0417 0x46bc  [ C5678CCEB3E9E03639C0A0E67B132E92, 3997C2F0410C7211C32730D3D80CDE18EABAAC9F244282008490351B9A4057EB ] Internet Manager. RunOuc C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe
13:19:36.0463 0x46bc  Internet Manager. RunOuc - detected UnsignedFile.Multi.Generic ( 1 )
13:19:39.0381 0x46bc  Internet Manager. RunOuc ( UnsignedFile.Multi.Generic ) - warning
13:19:53.0202 0x46bc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:19:53.0280 0x46bc  IPBusEnum - ok
13:19:53.0296 0x46bc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:19:53.0374 0x46bc  IpFilterDriver - ok
13:19:53.0421 0x46bc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:19:53.0483 0x46bc  iphlpsvc - ok
13:19:53.0530 0x46bc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:19:53.0561 0x46bc  IPMIDRV - ok
13:19:53.0577 0x46bc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:19:53.0639 0x46bc  IPNAT - ok
13:19:53.0951 0x46bc  [ 635F7587F7576AA14871B850EB95BFB8, 75CB8F4D511964BB9104E93EF31D2DDF1227DACE1EDB9DE25AE9719835B6C34B ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:19:53.0998 0x46bc  iPod Service - ok
13:19:54.0029 0x46bc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:19:54.0060 0x46bc  IRENUM - ok
13:19:54.0076 0x46bc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:19:54.0107 0x46bc  isapnp - ok
13:19:54.0138 0x46bc  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:19:54.0169 0x46bc  iScsiPrt - ok
13:19:54.0201 0x46bc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:19:54.0232 0x46bc  kbdclass - ok
13:19:54.0247 0x46bc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
13:19:54.0279 0x46bc  kbdhid - ok
13:19:54.0294 0x46bc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
13:19:54.0325 0x46bc  KeyIso - ok
13:19:54.0372 0x46bc  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:19:54.0403 0x46bc  KSecDD - ok
13:19:54.0435 0x46bc  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:19:54.0466 0x46bc  KSecPkg - ok
13:19:54.0497 0x46bc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:19:54.0575 0x46bc  ksthunk - ok
13:19:54.0684 0x46bc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:19:54.0762 0x46bc  KtmRm - ok
13:19:54.0793 0x46bc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:19:54.0871 0x46bc  LanmanServer - ok
13:19:54.0918 0x46bc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:19:54.0996 0x46bc  LanmanWorkstation - ok
13:19:55.0043 0x46bc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:19:55.0105 0x46bc  lltdio - ok
13:19:55.0152 0x46bc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:19:55.0230 0x46bc  lltdsvc - ok
13:19:55.0261 0x46bc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:19:55.0324 0x46bc  lmhosts - ok
13:19:55.0371 0x46bc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:19:55.0386 0x46bc  LSI_FC - ok
13:19:55.0417 0x46bc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:19:55.0433 0x46bc  LSI_SAS - ok
13:19:55.0464 0x46bc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:19:55.0480 0x46bc  LSI_SAS2 - ok
13:19:55.0495 0x46bc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:19:55.0527 0x46bc  LSI_SCSI - ok
13:19:55.0573 0x46bc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:19:55.0636 0x46bc  luafv - ok
13:19:55.0667 0x46bc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:19:55.0698 0x46bc  Mcx2Svc - ok
13:19:55.0729 0x46bc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:19:55.0745 0x46bc  megasas - ok
13:19:55.0792 0x46bc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
13:19:55.0823 0x46bc  MegaSR - ok
13:19:55.0870 0x46bc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
13:19:55.0932 0x46bc  MMCSS - ok
13:19:55.0963 0x46bc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
13:19:56.0026 0x46bc  Modem - ok
13:19:56.0057 0x46bc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:19:56.0088 0x46bc  monitor - ok
13:19:56.0119 0x46bc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:19:56.0151 0x46bc  mouclass - ok
13:19:56.0166 0x46bc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:19:56.0182 0x46bc  mouhid - ok
13:19:56.0197 0x46bc  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:19:56.0229 0x46bc  mountmgr - ok
13:19:56.0260 0x46bc  [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:19:56.0291 0x46bc  MozillaMaintenance - ok
13:19:56.0322 0x46bc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:19:56.0353 0x46bc  mpio - ok
13:19:56.0385 0x46bc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:19:56.0463 0x46bc  mpsdrv - ok
13:19:56.0541 0x46bc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:19:56.0650 0x46bc  MpsSvc - ok
13:19:56.0681 0x46bc  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:19:56.0712 0x46bc  MRxDAV - ok
13:19:56.0759 0x46bc  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:19:56.0790 0x46bc  mrxsmb - ok
13:19:56.0821 0x46bc  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:19:56.0853 0x46bc  mrxsmb10 - ok
13:19:56.0868 0x46bc  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:19:56.0899 0x46bc  mrxsmb20 - ok
13:19:56.0931 0x46bc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:19:56.0946 0x46bc  msahci - ok
13:19:56.0977 0x46bc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:19:57.0009 0x46bc  msdsm - ok
13:19:57.0040 0x46bc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
13:19:57.0071 0x46bc  MSDTC - ok
13:19:57.0102 0x46bc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:19:57.0180 0x46bc  Msfs - ok
13:19:57.0196 0x46bc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:19:57.0274 0x46bc  mshidkmdf - ok
13:19:57.0289 0x46bc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:19:57.0305 0x46bc  msisadrv - ok
13:19:57.0352 0x46bc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:19:57.0414 0x46bc  MSiSCSI - ok
13:19:57.0430 0x46bc  msiserver - ok
13:19:57.0461 0x46bc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:19:57.0523 0x46bc  MSKSSRV - ok
13:19:57.0555 0x46bc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:19:57.0617 0x46bc  MSPCLOCK - ok
13:19:57.0617 0x46bc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:19:57.0695 0x46bc  MSPQM - ok
13:19:57.0726 0x46bc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:19:57.0773 0x46bc  MsRPC - ok
13:19:57.0804 0x46bc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:19:57.0820 0x46bc  mssmbios - ok
13:19:57.0820 0x46bc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:19:57.0898 0x46bc  MSTEE - ok
13:19:57.0898 0x46bc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
13:19:57.0929 0x46bc  MTConfig - ok
13:19:57.0960 0x46bc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
13:19:57.0976 0x46bc  Mup - ok
13:19:58.0039 0x46bc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
13:19:58.0117 0x46bc  napagent - ok
13:19:58.0164 0x46bc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:19:58.0211 0x46bc  NativeWifiP - ok
13:19:58.0273 0x46bc  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:19:58.0336 0x46bc  NDIS - ok
13:19:58.0367 0x46bc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:19:58.0429 0x46bc  NdisCap - ok
13:19:58.0460 0x46bc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:19:58.0523 0x46bc  NdisTapi - ok
13:19:58.0538 0x46bc  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:19:58.0601 0x46bc  Ndisuio - ok
13:19:58.0663 0x46bc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:19:58.0726 0x46bc  NdisWan - ok
13:19:58.0741 0x46bc  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:19:58.0804 0x46bc  NDProxy - ok
13:19:58.0835 0x46bc  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
13:19:58.0866 0x46bc  Netaapl - ok
13:19:58.0913 0x46bc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:19:58.0975 0x46bc  NetBIOS - ok
13:19:59.0006 0x46bc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:19:59.0085 0x46bc  NetBT - ok
13:19:59.0101 0x46bc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
13:19:59.0132 0x46bc  Netlogon - ok
13:19:59.0179 0x46bc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
13:19:59.0257 0x46bc  Netman - ok
13:19:59.0304 0x46bc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:19:59.0335 0x46bc  NetMsmqActivator - ok
13:19:59.0351 0x46bc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:19:59.0382 0x46bc  NetPipeActivator - ok
13:19:59.0413 0x46bc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
13:19:59.0491 0x46bc  netprofm - ok
13:19:59.0522 0x46bc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:19:59.0553 0x46bc  NetTcpActivator - ok
13:19:59.0553 0x46bc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:19:59.0585 0x46bc  NetTcpPortSharing - ok
13:19:59.0631 0x46bc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:19:59.0647 0x46bc  nfrd960 - ok
13:19:59.0694 0x46bc  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:19:59.0725 0x46bc  NlaSvc - ok
13:19:59.0772 0x46bc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:19:59.0834 0x46bc  Npfs - ok
13:19:59.0865 0x46bc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
13:19:59.0928 0x46bc  nsi - ok
13:19:59.0943 0x46bc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:20:00.0021 0x46bc  nsiproxy - ok
13:20:00.0115 0x46bc  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:20:00.0209 0x46bc  Ntfs - ok
13:20:00.0240 0x46bc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
13:20:00.0302 0x46bc  Null - ok
13:20:00.0349 0x46bc  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:20:00.0380 0x46bc  nvraid - ok
13:20:00.0411 0x46bc  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:20:00.0443 0x46bc  nvstor - ok
13:20:00.0474 0x46bc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:20:00.0489 0x46bc  nv_agp - ok
13:20:00.0521 0x46bc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:20:00.0552 0x46bc  ohci1394 - ok
13:20:00.0614 0x46bc  [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:20:00.0645 0x46bc  ose64 - ok
13:20:00.0911 0x46bc  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:20:01.0160 0x46bc  osppsvc - ok
13:20:01.0223 0x46bc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:20:01.0254 0x46bc  p2pimsvc - ok
13:20:01.0301 0x46bc  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
13:20:01.0347 0x46bc  p2psvc - ok
13:20:01.0379 0x46bc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
13:20:01.0410 0x46bc  Parport - ok
13:20:01.0425 0x46bc  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:20:01.0457 0x46bc  partmgr - ok
13:20:01.0472 0x46bc  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:20:01.0519 0x46bc  PcaSvc - ok
13:20:01.0550 0x46bc  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
13:20:01.0566 0x46bc  pci - ok
13:20:01.0597 0x46bc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
13:20:01.0628 0x46bc  pciide - ok
13:20:01.0644 0x46bc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:20:01.0675 0x46bc  pcmcia - ok
13:20:01.0722 0x46bc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:20:01.0737 0x46bc  pcw - ok
13:20:01.0784 0x46bc  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:20:01.0878 0x46bc  PEAUTH - ok
13:20:01.0971 0x46bc  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
13:20:02.0065 0x46bc  PeerDistSvc - ok
13:20:02.0143 0x46bc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:20:02.0174 0x46bc  PerfHost - ok
13:20:02.0268 0x46bc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
13:20:02.0408 0x46bc  pla - ok
13:20:02.0471 0x46bc  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:20:02.0517 0x46bc  PlugPlay - ok
13:20:02.0533 0x46bc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:20:02.0564 0x46bc  PNRPAutoReg - ok
13:20:02.0595 0x46bc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:20:02.0642 0x46bc  PNRPsvc - ok
13:20:02.0673 0x46bc  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:20:02.0767 0x46bc  PolicyAgent - ok
13:20:02.0798 0x46bc  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
13:20:02.0876 0x46bc  Power - ok
13:20:02.0923 0x46bc  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:20:02.0985 0x46bc  PptpMiniport - ok
13:20:03.0001 0x46bc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
13:20:03.0032 0x46bc  Processor - ok
13:20:03.0079 0x46bc  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:20:03.0126 0x46bc  ProfSvc - ok
13:20:03.0126 0x46bc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:20:03.0157 0x46bc  ProtectedStorage - ok
13:20:03.0204 0x46bc  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:20:03.0266 0x46bc  Psched - ok
13:20:03.0360 0x46bc  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:20:03.0453 0x46bc  ql2300 - ok
13:20:03.0485 0x46bc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:20:03.0516 0x46bc  ql40xx - ok
13:20:03.0563 0x46bc  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
13:20:03.0609 0x46bc  QWAVE - ok
13:20:03.0625 0x46bc  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:20:03.0656 0x46bc  QWAVEdrv - ok
13:20:03.0687 0x46bc  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:20:03.0750 0x46bc  RasAcd - ok
13:20:03.0781 0x46bc  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:20:03.0843 0x46bc  RasAgileVpn - ok
13:20:03.0875 0x46bc  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
13:20:03.0953 0x46bc  RasAuto - ok
13:20:04.0015 0x46bc  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:20:04.0077 0x46bc  Rasl2tp - ok
13:20:04.0296 0x46bc  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
13:20:04.0389 0x46bc  RasMan - ok
13:20:04.0452 0x46bc  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:20:04.0530 0x46bc  RasPppoe - ok
13:20:04.0561 0x46bc  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:20:04.0639 0x46bc  RasSstp - ok
13:20:04.0670 0x46bc  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:20:04.0748 0x46bc  rdbss - ok
13:20:04.0779 0x46bc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
13:20:04.0811 0x46bc  rdpbus - ok
13:20:04.0826 0x46bc  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:20:04.0889 0x46bc  RDPCDD - ok
13:20:04.0935 0x46bc  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
13:20:04.0967 0x46bc  RDPDR - ok
13:20:04.0998 0x46bc  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:20:05.0076 0x46bc  RDPENCDD - ok
13:20:05.0091 0x46bc  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:20:05.0154 0x46bc  RDPREFMP - ok
13:20:05.0247 0x46bc  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:20:05.0263 0x46bc  RdpVideoMiniport - ok
13:20:05.0310 0x46bc  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:20:05.0341 0x46bc  RDPWD - ok
13:20:05.0388 0x46bc  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:20:05.0419 0x46bc  rdyboost - ok
13:20:05.0435 0x46bc  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:20:05.0513 0x46bc  RemoteAccess - ok
13:20:05.0559 0x46bc  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:20:05.0637 0x46bc  RemoteRegistry - ok
13:20:05.0669 0x46bc  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:20:05.0747 0x46bc  RpcEptMapper - ok
13:20:05.0809 0x46bc  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
13:20:05.0840 0x46bc  RpcLocator - ok
13:20:05.0887 0x46bc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
13:20:05.0981 0x46bc  RpcSs - ok
13:20:06.0027 0x46bc  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:20:06.0090 0x46bc  rspndr - ok
13:20:06.0137 0x46bc  [ ABCB5A38A0D85BDF69B7877E1AD1EED5, 44DF1A92E8FA53677A04C46088B0AD49F1F6A090820BE550A514C4FBFD91444D ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
13:20:06.0183 0x46bc  RTL8167 - ok
13:20:06.0215 0x46bc  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
13:20:06.0230 0x46bc  s3cap - ok
13:20:06.0246 0x46bc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
13:20:06.0277 0x46bc  SamSs - ok
13:20:06.0293 0x46bc  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:20:06.0324 0x46bc  sbp2port - ok
13:20:06.0371 0x46bc  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:20:06.0449 0x46bc  SCardSvr - ok
13:20:06.0464 0x46bc  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:20:06.0542 0x46bc  scfilter - ok
13:20:06.0620 0x46bc  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
13:20:06.0745 0x46bc  Schedule - ok
13:20:06.0807 0x46bc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:20:06.0885 0x46bc  SCPolicySvc - ok
13:20:06.0932 0x46bc  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
13:20:06.0963 0x46bc  sdbus - ok
13:20:07.0010 0x46bc  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:20:07.0041 0x46bc  SDRSVC - ok
13:20:07.0197 0x46bc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:20:07.0275 0x46bc  secdrv - ok
13:20:07.0307 0x46bc  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
13:20:07.0353 0x46bc  seclogon - ok
13:20:07.0369 0x46bc  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
13:20:07.0431 0x46bc  SENS - ok
13:20:07.0447 0x46bc  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:20:07.0463 0x46bc  SensrSvc - ok
13:20:07.0478 0x46bc  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
13:20:07.0509 0x46bc  Serenum - ok
13:20:07.0541 0x46bc  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
13:20:07.0556 0x46bc  Serial - ok
13:20:07.0587 0x46bc  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:20:07.0603 0x46bc  sermouse - ok
13:20:07.0697 0x46bc  [ C471C170BFB078DEB5CF7C270D47B529, D9D5E88266EEDEDF97B4210EC3AF89FB93EA358476F40EDBC068D2121E036438 ] Service KMSELDI C:\Program Files\KMSpico\Service_KMS.exe
13:20:07.0775 0x46bc  Service KMSELDI - detected UnsignedFile.Multi.Generic ( 1 )
13:20:10.0739 0x46bc  Service KMSELDI ( UnsignedFile.Multi.Generic ) - warning
13:20:13.0562 0x46bc  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
13:20:13.0640 0x46bc  SessionEnv - ok
13:20:13.0687 0x46bc  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:20:13.0718 0x46bc  sffdisk - ok
13:20:13.0734 0x46bc  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:20:13.0765 0x46bc  sffp_mmc - ok
13:20:13.0781 0x46bc  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:20:13.0812 0x46bc  sffp_sd - ok
13:20:13.0827 0x46bc  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
13:20:13.0843 0x46bc  sfloppy - ok
13:20:13.0921 0x46bc  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:20:13.0999 0x46bc  SharedAccess - ok
13:20:14.0061 0x46bc  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:20:14.0139 0x46bc  ShellHWDetection - ok
13:20:14.0186 0x46bc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
13:20:14.0217 0x46bc  SiSRaid2 - ok
13:20:14.0233 0x46bc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:20:14.0264 0x46bc  SiSRaid4 - ok
13:20:14.0327 0x46bc  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:20:14.0373 0x46bc  SkypeUpdate - ok
13:20:14.0420 0x46bc  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:20:14.0483 0x46bc  Smb - ok
13:20:14.0545 0x46bc  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:20:14.0576 0x46bc  SNMPTRAP - ok
13:20:14.0592 0x46bc  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:20:14.0623 0x46bc  spldr - ok
13:20:14.0685 0x46bc  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
13:20:14.0732 0x46bc  Spooler - ok
13:20:14.0873 0x46bc  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
13:20:15.0075 0x46bc  sppsvc - ok
13:20:15.0153 0x46bc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:20:15.0216 0x46bc  sppuinotify - ok
13:20:15.0278 0x46bc  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:20:15.0309 0x46bc  srv - ok
13:20:15.0341 0x46bc  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:20:15.0372 0x46bc  srv2 - ok
13:20:15.0403 0x46bc  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:20:15.0419 0x46bc  srvnet - ok
13:20:15.0450 0x46bc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:20:15.0512 0x46bc  SSDPSRV - ok
13:20:15.0528 0x46bc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:20:15.0590 0x46bc  SstpSvc - ok
13:20:15.0699 0x46bc  [ 7595D53EE8E8B0BAA9A2DDDE867EBB0C, 8EBBFA456D93E63AF9D64CC95A58651E2C1B1398B6052C0E65D3005AD5AC8CB5 ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
13:20:15.0731 0x46bc  STacSV - ok
13:20:15.0762 0x46bc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:20:15.0777 0x46bc  stexstor - ok
13:20:15.0824 0x46bc  [ DFFBC024DFC7BB05B2129E05CBC7A201, CA07944B864D7F3DA673040CF6314FECCAF80B8EADAF648392AE79697DAC15B4 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
13:20:15.0871 0x46bc  STHDA - ok
13:20:15.0933 0x46bc  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
13:20:16.0011 0x46bc  stisvc - ok
13:20:16.0043 0x46bc  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
13:20:16.0074 0x46bc  storflt - ok
13:20:16.0105 0x46bc  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
13:20:16.0136 0x46bc  StorSvc - ok
13:20:16.0152 0x46bc  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
13:20:16.0183 0x46bc  storvsc - ok
13:20:16.0214 0x46bc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:20:16.0245 0x46bc  swenum - ok
13:20:16.0386 0x46bc  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
13:20:16.0417 0x46bc  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
13:20:19.0194 0x46bc  Detect skipped due to KSN trusted
13:20:19.0194 0x46bc  SwitchBoard - ok
13:20:19.0287 0x46bc  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
13:20:19.0397 0x46bc  swprv - ok
13:20:19.0443 0x46bc  [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
13:20:19.0475 0x46bc  SynTP - ok
13:20:19.0568 0x46bc  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
13:20:19.0693 0x46bc  SysMain - ok
13:20:19.0724 0x46bc  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:20:19.0755 0x46bc  TabletInputService - ok
13:20:19.0849 0x46bc  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
13:20:19.0865 0x46bc  tap0901 - ok
13:20:19.0896 0x46bc  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:20:19.0989 0x46bc  TapiSrv - ok
13:20:20.0005 0x46bc  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
13:20:20.0083 0x46bc  TBS - ok
13:20:20.0208 0x46bc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:20:20.0301 0x46bc  Tcpip - ok
13:20:20.0411 0x46bc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:20:20.0520 0x46bc  TCPIP6 - ok
13:20:20.0551 0x46bc  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:20:20.0582 0x46bc  tcpipreg - ok
13:20:20.0613 0x46bc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:20:20.0629 0x46bc  TDPIPE - ok
13:20:20.0660 0x46bc  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:20:20.0691 0x46bc  TDTCP - ok
13:20:20.0738 0x46bc  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:20:20.0769 0x46bc  tdx - ok
13:20:20.0785 0x46bc  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:20:20.0816 0x46bc  TermDD - ok
13:20:20.0879 0x46bc  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
13:20:20.0941 0x46bc  TermService - ok
13:20:20.0972 0x46bc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
13:20:21.0003 0x46bc  Themes - ok
13:20:21.0035 0x46bc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
13:20:21.0113 0x46bc  THREADORDER - ok
13:20:21.0144 0x46bc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
13:20:21.0222 0x46bc  TrkWks - ok
13:20:21.0269 0x46bc  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:20:21.0347 0x46bc  TrustedInstaller - ok
13:20:21.0393 0x46bc  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:20:21.0409 0x46bc  tssecsrv - ok
13:20:21.0456 0x46bc  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:20:21.0471 0x46bc  TsUsbFlt - ok
13:20:21.0503 0x46bc  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
13:20:21.0534 0x46bc  TsUsbGD - ok
13:20:21.0596 0x46bc  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:20:21.0674 0x46bc  tunnel - ok
13:20:21.0690 0x46bc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:20:21.0705 0x46bc  uagp35 - ok
13:20:21.0752 0x46bc  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:20:21.0830 0x46bc  udfs - ok
13:20:21.0877 0x46bc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:20:21.0908 0x46bc  UI0Detect - ok
13:20:21.0939 0x46bc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:20:21.0955 0x46bc  uliagpkx - ok
13:20:22.0002 0x46bc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:20:22.0033 0x46bc  umbus - ok
13:20:22.0049 0x46bc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
13:20:22.0064 0x46bc  UmPass - ok
13:20:22.0095 0x46bc  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
13:20:22.0142 0x46bc  UmRdpService - ok
13:20:22.0142 0x46bc  Update RightSurf - ok
13:20:22.0189 0x46bc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
13:20:22.0283 0x46bc  upnphost - ok
13:20:22.0345 0x46bc  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
13:20:22.0361 0x46bc  USBAAPL64 - ok
13:20:22.0407 0x46bc  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
13:20:22.0439 0x46bc  usbaudio - ok
13:20:22.0470 0x46bc  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:20:22.0485 0x46bc  usbccgp - ok
13:20:22.0532 0x46bc  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:20:22.0579 0x46bc  usbcir - ok
13:20:22.0610 0x46bc  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:20:22.0626 0x46bc  usbehci - ok
13:20:22.0673 0x46bc  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:20:22.0719 0x46bc  usbhub - ok
13:20:22.0735 0x46bc  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
13:20:22.0751 0x46bc  usbohci - ok
13:20:22.0782 0x46bc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:20:22.0813 0x46bc  usbprint - ok
13:20:22.0844 0x46bc  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
13:20:22.0875 0x46bc  usbscan - ok
13:20:22.0907 0x46bc  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:20:22.0938 0x46bc  USBSTOR - ok
13:20:22.0969 0x46bc  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
13:20:22.0985 0x46bc  usbuhci - ok
13:20:23.0031 0x46bc  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
13:20:23.0063 0x46bc  usbvideo - ok
13:20:23.0094 0x46bc  Util RightSurf - ok
13:20:23.0109 0x46bc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
13:20:23.0187 0x46bc  UxSms - ok
13:20:23.0187 0x46bc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
13:20:23.0219 0x46bc  VaultSvc - ok
13:20:23.0250 0x46bc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:20:23.0281 0x46bc  vdrvroot - ok
13:20:23.0328 0x46bc  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
13:20:23.0421 0x46bc  vds - ok
13:20:23.0437 0x46bc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:20:23.0468 0x46bc  vga - ok
13:20:23.0484 0x46bc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:20:23.0562 0x46bc  VgaSave - ok
13:20:23.0593 0x46bc  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:20:23.0624 0x46bc  vhdmp - ok
13:20:23.0655 0x46bc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:20:23.0687 0x46bc  viaide - ok
13:20:23.0733 0x46bc  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
13:20:23.0765 0x46bc  vmbus - ok
13:20:23.0780 0x46bc  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
13:20:23.0811 0x46bc  VMBusHID - ok
13:20:23.0843 0x46bc  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:20:23.0874 0x46bc  volmgr - ok
13:20:23.0905 0x46bc  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:20:23.0952 0x46bc  volmgrx - ok
13:20:23.0967 0x46bc  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:20:24.0014 0x46bc  volsnap - ok
13:20:24.0045 0x46bc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:20:24.0077 0x46bc  vsmraid - ok
13:20:24.0170 0x46bc  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
13:20:24.0326 0x46bc  VSS - ok
13:20:24.0357 0x46bc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
13:20:24.0389 0x46bc  vwifibus - ok
13:20:24.0420 0x46bc  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:20:24.0451 0x46bc  vwififlt - ok
13:20:24.0482 0x46bc  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
13:20:24.0513 0x46bc  vwifimp - ok
13:20:24.0560 0x46bc  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
13:20:24.0638 0x46bc  W32Time - ok
13:20:24.0685 0x46bc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:20:24.0701 0x46bc  WacomPen - ok
13:20:24.0732 0x46bc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:20:24.0794 0x46bc  WANARP - ok
13:20:24.0810 0x46bc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:20:24.0872 0x46bc  Wanarpv6 - ok
13:20:24.0981 0x46bc  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:20:25.0059 0x46bc  WatAdminSvc - ok
13:20:25.0153 0x46bc  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
13:20:25.0262 0x46bc  wbengine - ok
13:20:25.0293 0x46bc  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:20:25.0340 0x46bc  WbioSrvc - ok
13:20:25.0371 0x46bc  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:20:25.0434 0x46bc  wcncsvc - ok
13:20:25.0449 0x46bc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:20:25.0481 0x46bc  WcsPlugInService - ok
13:20:25.0512 0x46bc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
13:20:25.0543 0x46bc  Wd - ok
13:20:25.0590 0x46bc  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:20:25.0652 0x46bc  Wdf01000 - ok
13:20:25.0683 0x46bc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:20:25.0730 0x46bc  WdiServiceHost - ok
13:20:25.0746 0x46bc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:20:25.0777 0x46bc  WdiSystemHost - ok
13:20:25.0808 0x46bc  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
13:20:25.0855 0x46bc  WebClient - ok
13:20:25.0886 0x46bc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:20:25.0964 0x46bc  Wecsvc - ok
13:20:25.0980 0x46bc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:20:26.0058 0x46bc  wercplsupport - ok
13:20:26.0089 0x46bc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:20:26.0167 0x46bc  WerSvc - ok
13:20:26.0214 0x46bc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:20:26.0276 0x46bc  WfpLwf - ok
13:20:26.0292 0x46bc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:20:26.0323 0x46bc  WIMMount - ok
13:20:26.0339 0x46bc  WinDefend - ok
13:20:26.0370 0x46bc  WinHttpAutoProxySvc - ok
13:20:26.0417 0x46bc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:20:26.0496 0x46bc  Winmgmt - ok
13:20:26.0620 0x46bc  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
13:20:26.0745 0x46bc  WinRM - ok
13:20:26.0808 0x46bc  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:20:26.0839 0x46bc  WinUsb - ok
13:20:26.0901 0x46bc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:20:26.0995 0x46bc  Wlansvc - ok
13:20:27.0026 0x46bc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:20:27.0042 0x46bc  WmiAcpi - ok
13:20:27.0088 0x46bc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:20:27.0120 0x46bc  wmiApSrv - ok
13:20:27.0135 0x46bc  WMPNetworkSvc - ok
13:20:27.0166 0x46bc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:20:27.0198 0x46bc  WPCSvc - ok
13:20:27.0213 0x46bc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:20:27.0244 0x46bc  WPDBusEnum - ok
13:20:27.0276 0x46bc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:20:27.0338 0x46bc  ws2ifsl - ok
13:20:27.0369 0x46bc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
13:20:27.0416 0x46bc  wscsvc - ok
13:20:27.0416 0x46bc  WSearch - ok
13:20:27.0556 0x46bc  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:20:27.0712 0x46bc  wuauserv - ok
13:20:27.0759 0x46bc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:20:27.0775 0x46bc  WudfPf - ok
13:20:27.0806 0x46bc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:20:27.0837 0x46bc  WUDFRd - ok
13:20:27.0868 0x46bc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:20:27.0900 0x46bc  wudfsvc - ok
13:20:27.0946 0x46bc  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:20:27.0993 0x46bc  WwanSvc - ok
13:20:28.0040 0x46bc  ================ Scan global ===============================
13:20:28.0071 0x46bc  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:20:28.0118 0x46bc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
13:20:28.0134 0x46bc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
13:20:28.0180 0x46bc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:20:28.0212 0x46bc  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
13:20:28.0227 0x46bc  [ Global ] - ok
13:20:28.0227 0x46bc  ================ Scan MBR ==================================
13:20:28.0243 0x46bc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:20:29.0148 0x46bc  \Device\Harddisk0\DR0 - ok
13:20:29.0148 0x46bc  ================ Scan VBR ==================================
13:20:29.0179 0x46bc  [ C7132D7EF4281D2D373864CA49F586BF ] \Device\Harddisk0\DR0\Partition1
13:20:29.0179 0x46bc  \Device\Harddisk0\DR0\Partition1 - ok
13:20:29.0194 0x46bc  [ EE0089E2B868FC8C265E7537009B43AC ] \Device\Harddisk0\DR0\Partition2
13:20:29.0194 0x46bc  \Device\Harddisk0\DR0\Partition2 - ok
13:20:29.0194 0x46bc  [ 478516D8FA8F92E12E245B4B625C204A ] \Device\Harddisk0\DR0\Partition3
13:20:29.0194 0x46bc  \Device\Harddisk0\DR0\Partition3 - ok
13:20:29.0194 0x46bc  ================ Scan generic autorun ======================
13:20:29.0257 0x46bc  [ 2EEED500C1EC095CB3D0DE7A3C7E4278, 06D0DC42A7DE207D675A0DE69001D20941FC0B8D067504CD8B56DD0B952A5ACE ] C:\Program Files\IDT\WDM\sttray64.exe
13:20:29.0304 0x46bc  SysTrayApp - ok
13:20:29.0304 0x46bc  SynTPEnh - ok
13:20:29.0397 0x46bc  [ BDBF2A7AD6CF18F2A7FBC431692B7B96, 73A91EC0E78773B4138132D5D6D4C8A702116C4BF7D1D986B52BE0070F19E5FC ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
13:20:29.0444 0x46bc  AdobeAAMUpdater-1.0 - ok
13:20:29.0491 0x46bc  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
13:20:29.0522 0x46bc  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
13:20:29.0522 0x46bc  Detect skipped due to KSN trusted
13:20:29.0522 0x46bc  SwitchBoard - ok
13:20:29.0631 0x46bc  [ 3EE19173AC7BB16AD239B195D97C13B0, A9E5FC90F20DC7500A186C9D184ED55BC04038FFC6D97714E64C660EAE808A98 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
13:20:29.0694 0x46bc  AdobeCS6ServiceManager - ok
13:20:29.0772 0x46bc  [ A162B967A88BF374A81E01EF6E7A2655, 3616D7DDF72964EB1C7C40E45CCEFD7116252607068AEB9FB093F20064FB5BA2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
13:20:29.0818 0x46bc  avgnt - ok
13:20:29.0959 0x46bc  [ 49161D25F38D52B026AA6B718E9F05B8, 80CEE409BC07722C3092393817A8C771469331EC12FFD6200A6E7CD302C0E11F ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
13:20:30.0084 0x46bc  Adobe Creative Cloud - ok
13:20:30.0115 0x46bc  [ 5100ADC704F2D6CE3DF8C0D5105D6C84, BD46EE57F881EDAB63A0540186D9471F4C70F3E4D72F1C52D72DD9BADF9E7334 ] C:\Program Files (x86)\PDF24\pdf24.exe
13:20:30.0146 0x46bc  PDFPrint - ok
13:20:30.0208 0x46bc  [ D88B2D487439305A2EC308A6796C3044, 79DF0A41ECB08D5BEB3393B2BA15E6C88AD626803E1734EFBA0DBE4ECF7274D7 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
13:20:30.0224 0x46bc  iTunesHelper - ok
13:20:30.0271 0x46bc  [ 14D6542607ACD4B2D1DDB1A36E0D8813, 3A270600549E8E7988D5AF3486C0F504269B9573393D87BF87BDB2287BF007B2 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
13:20:30.0302 0x46bc  SunJavaUpdateSched - ok
13:20:30.0349 0x46bc  [ BA18CFAB98426BFA6D6EC7E5B1961ED0, 540BF2CFDB099296F2AA24D192EFC5B013C88C0152763454521355ACBB50337D ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
13:20:30.0380 0x46bc  Avira Systray - ok
13:20:30.0489 0x46bc  [ 34560253EF56416ED5F9192AA258407E, 1915FED010A852C65A4BF809D9DC8E8C96ECCABFC6707F1EBA946630F4E56CAF ] C:\Program Files (x86)\Trojan Remover\Trjscan.exe
13:20:30.0598 0x46bc  TrojanScanner - ok
13:20:30.0739 0x46bc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:20:30.0832 0x46bc  Sidebar - ok
13:20:30.0864 0x46bc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:20:30.0910 0x46bc  mctadmin - ok
13:20:30.0973 0x46bc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:20:31.0066 0x46bc  Sidebar - ok
13:20:31.0082 0x46bc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:20:31.0113 0x46bc  mctadmin - ok
13:20:31.0129 0x46bc  LiveSupport - ok
13:20:31.0207 0x46bc  [ 48C3EBD6D5E52AFCB1A0FA9B7F9802FA, 4F2E27AA8305FFC94F65C65C5FDB8462C92ED02A7B37627404382C3CAB65AC59 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
13:20:31.0222 0x46bc  iCloudServices - ok
13:20:31.0254 0x46bc  [ 799BCC829F48F19C5689478179060435, 495C6E363982F7BE1785A46C12ED4AC99E0AF98F340F1CE3C55D39EBE6FE33AA ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
13:20:31.0269 0x46bc  ApplePhotoStreams - ok
13:20:31.0300 0x46bc  FlashPlayerUpdate - ok
13:20:31.0300 0x46bc  Waiting for KSN requests completion. In queue: 138
13:20:32.0314 0x46bc  Waiting for KSN requests completion. In queue: 138
13:20:33.0328 0x46bc  Waiting for KSN requests completion. In queue: 138
13:20:34.0374 0x46bc  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.440 ), 0x40000 ( disabled : updated )
13:20:34.0389 0x46bc  Win FW state via NFP2: disabled
13:20:37.0119 0x46bc  ============================================================
13:20:37.0119 0x46bc  Scan finished
13:20:37.0119 0x46bc  ============================================================
13:20:37.0135 0x39dc  Detected object count: 2
13:20:37.0135 0x39dc  Actual detected object count: 2
13:20:54.0077 0x39dc  Internet Manager. RunOuc ( UnsignedFile.Multi.Generic ) - skipped by user
13:20:54.0077 0x39dc  Internet Manager. RunOuc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:20:54.0077 0x39dc  Service KMSELDI ( UnsignedFile.Multi.Generic ) - skipped by user
13:20:54.0077 0x39dc  Service KMSELDI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:21:03.0126 0x4254  Deinitialize success
         

Alt 02.02.2015, 16:48   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser - Standard

Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser



Avira immer aus, aber Internet dran lassen.


Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.02.2015, 21:38   #6
formelphotos
 
Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser - Standard

Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser



Combofix.txt:
Code:
ATTFilter
ComboFix 15-02-02.01 - Dirk 02.02.2015  21:55:43.2.2 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.43.1031.18.4093.2399 [GMT 1:00]
ausgeführt von:: c:\users\Dirk\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Dirk\AppData\Local\Adobe\gccheck.exe
c:\users\Dirk\AppData\Local\Adobe\gtbcheck.exe
c:\users\Dirk\AppData\Local\Microsoft\Windows\Temporary Internet Files\RightSurf_iels
c:\users\Dirk\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\windows\security\Database\tmp.edb
D:\install.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Service KMSELDI
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-01-02 bis 2015-02-02  ))))))))))))))))))))))))))))))
.
.
2015-02-02 21:06 . 2015-02-02 21:06	--------	d-----w-	c:\program files\WajaWebEnhancer
2015-02-02 11:30 . 2015-02-02 11:30	--------	d-----w-	c:\programdata\Malwarebytes
2015-02-02 11:30 . 2015-02-02 12:06	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-02-02 11:30 . 2015-02-02 11:30	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-02-02 11:27 . 2015-02-02 11:28	97496	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-02-02 11:12 . 2015-02-02 11:12	--------	d-----w-	c:\program files (x86)\VS Revo Group
2015-02-01 18:44 . 2015-02-01 18:47	--------	d-----w-	C:\FRST
2015-02-01 18:41 . 2015-02-02 11:01	--------	d-----w-	C:\Problem-Software
2015-01-31 14:52 . 2015-01-31 14:52	--------	d-----w-	c:\programdata\Licenses
2015-01-31 14:47 . 2015-01-31 14:47	--------	d-----w-	c:\users\Dirk\AppData\Roaming\Simply Super Software
2015-01-31 14:47 . 2015-01-31 14:47	--------	d-----w-	c:\program files (x86)\Trojan Remover
2015-01-31 14:47 . 2015-01-31 14:47	--------	d-----w-	c:\programdata\Simply Super Software
2015-01-26 08:30 . 2015-01-26 08:31	--------	d-----w-	c:\users\Dirk\AppData\Local\Google
2015-01-26 08:30 . 2015-01-26 08:31	--------	d-----w-	c:\program files (x86)\Google
2015-01-26 08:30 . 2015-01-26 08:30	880784	----a-w-	c:\program files\ChromeSetup.exe
2015-01-15 07:32 . 2015-01-15 15:06	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2015-01-12 19:18 . 2015-01-12 19:18	--------	d-----w-	c:\windows\Sun
2015-01-05 13:08 . 2015-01-05 13:08	--------	d-----w-	c:\users\Dirk\AppData\Local\ElevatedDiagnostics
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-25 21:23 . 2014-01-31 19:21	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-25 21:23 . 2014-01-31 19:21	701616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-14 16:24 . 2014-01-30 21:28	113365784	----a-w-	c:\windows\system32\MRT.exe
2014-12-13 05:09 . 2014-12-18 06:13	144384	----a-w-	c:\windows\system32\ieUnatt.exe
2014-12-13 03:33 . 2014-12-18 06:13	115712	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2014-12-04 02:50 . 2014-12-11 07:15	413184	----a-w-	c:\windows\system32\generaltel.dll
2014-12-04 02:50 . 2014-12-11 07:15	741376	----a-w-	c:\windows\system32\invagent.dll
2014-12-04 02:50 . 2014-12-11 07:15	396800	----a-w-	c:\windows\system32\devinv.dll
2014-12-04 02:50 . 2014-12-11 07:15	830976	----a-w-	c:\windows\system32\appraiser.dll
2014-12-04 02:50 . 2014-12-11 07:15	192000	----a-w-	c:\windows\system32\aepic.dll
2014-12-04 02:50 . 2014-12-11 07:15	227328	----a-w-	c:\windows\system32\aepdu.dll
2014-12-04 02:44 . 2014-12-11 07:15	1083392	----a-w-	c:\windows\system32\aeinv.dll
2014-12-01 23:28 . 2014-12-11 07:15	1232040	----a-w-	c:\windows\system32\aitstatic.exe
2014-11-27 01:43 . 2014-12-11 07:15	389296	----a-w-	c:\windows\system32\iedkcs32.dll
2014-11-22 03:13 . 2014-12-11 07:15	25059840	----a-w-	c:\windows\system32\mshtml.dll
2014-11-22 03:06 . 2014-12-11 07:15	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-11-22 03:06 . 2014-12-11 07:15	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:50 . 2014-12-11 07:15	66560	----a-w-	c:\windows\system32\iesetup.dll
2014-11-22 02:50 . 2014-12-11 07:15	580096	----a-w-	c:\windows\system32\vbscript.dll
2014-11-22 02:49 . 2014-12-11 07:15	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:49 . 2014-12-11 07:15	2885120	----a-w-	c:\windows\system32\iertutil.dll
2014-11-22 02:48 . 2014-12-11 07:15	88064	----a-w-	c:\windows\system32\MshtmlDac.dll
2014-11-22 02:41 . 2014-12-11 07:15	54784	----a-w-	c:\windows\system32\jsproxy.dll
2014-11-22 02:40 . 2014-12-11 07:15	34304	----a-w-	c:\windows\system32\iernonce.dll
2014-11-22 02:37 . 2014-12-11 07:15	633856	----a-w-	c:\windows\system32\ieui.dll
2014-11-22 02:35 . 2014-12-11 07:15	114688	----a-w-	c:\windows\system32\ieetwcollector.exe
2014-11-22 02:34 . 2014-12-11 07:15	814080	----a-w-	c:\windows\system32\jscript9diag.dll
2014-11-22 02:34 . 2014-12-11 07:15	6039552	----a-w-	c:\windows\system32\jscript9.dll
2014-11-22 02:26 . 2014-12-11 07:15	968704	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 02:22 . 2014-12-11 07:15	490496	----a-w-	c:\windows\system32\dxtmsft.dll
2014-11-22 02:20 . 2014-12-11 07:15	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14 . 2014-12-11 07:15	77824	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 02:09 . 2014-12-11 07:15	199680	----a-w-	c:\windows\system32\msrating.dll
2014-11-22 02:08 . 2014-12-11 07:15	92160	----a-w-	c:\windows\system32\mshtmled.dll
2014-11-22 02:07 . 2014-12-11 07:15	501248	----a-w-	c:\windows\SysWow64\vbscript.dll
2014-11-22 02:07 . 2014-12-11 07:15	62464	----a-w-	c:\windows\SysWow64\iesetup.dll
2014-11-22 02:06 . 2014-12-11 07:15	47616	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-11 07:15	64000	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2014-11-22 02:05 . 2014-12-11 07:15	316928	----a-w-	c:\windows\system32\dxtrans.dll
2014-11-22 01:54 . 2014-12-11 07:15	620032	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:49 . 2014-12-11 07:15	718848	----a-w-	c:\windows\system32\ie4uinit.exe
2014-11-22 01:49 . 2014-12-11 07:15	800768	----a-w-	c:\windows\system32\msfeeds.dll
2014-11-22 01:47 . 2014-12-11 07:15	1359360	----a-w-	c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:46 . 2014-12-11 07:15	2125312	----a-w-	c:\windows\system32\inetcpl.cpl
2014-11-22 01:43 . 2014-12-11 07:15	14412800	----a-w-	c:\windows\system32\ieframe.dll
2014-11-22 01:40 . 2014-12-11 07:15	60416	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-11 07:15	4299264	----a-w-	c:\windows\SysWow64\jscript9.dll
2014-11-22 01:28 . 2014-12-11 07:15	2358272	----a-w-	c:\windows\system32\wininet.dll
2014-11-22 01:22 . 2014-12-11 07:15	2052096	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21 . 2014-12-11 07:15	1155072	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:15 . 2014-12-11 07:15	1548288	----a-w-	c:\windows\system32\urlmon.dll
2014-11-22 01:03 . 2014-12-11 07:15	800768	----a-w-	c:\windows\system32\ieapfltr.dll
2014-11-22 01:00 . 2014-12-11 07:15	1888256	----a-w-	c:\windows\SysWow64\wininet.dll
2014-11-18 19:47 . 2014-11-18 19:47	1691816	----a-w-	c:\windows\system32\FM20.DLL
2014-11-11 03:09 . 2014-12-11 07:15	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-11-11 03:08 . 2014-11-19 08:45	241152	----a-w-	c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 08:45	728064	----a-w-	c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-12-11 07:15	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44 . 2014-11-19 08:45	186880	----a-w-	c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 08:45	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2014-11-11 01:46 . 2014-12-11 07:15	119296	----a-w-	c:\windows\system32\drivers\tdx.sys
2014-11-08 03:16 . 2014-12-11 07:14	2048	----a-w-	c:\windows\system32\tzres.dll
2014-11-08 02:45 . 2014-12-11 07:14	2048	----a-w-	c:\windows\SysWow64\tzres.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-11-12 16:19	1729744	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-11-12 16:19	1729744	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-11-12 16:19	1729744	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-11-20 59720]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-11-20 59720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2013-04-25 1075296]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-12-09 702768]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2014-02-11 2239376]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2013-12-12 186408]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-09-01 152392]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-09-26 271744]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-11-20 126200]
"TrojanScanner"="c:\program files (x86)\Trojan Remover\Trjscan.exe" [2014-10-16 1791856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Internet Manager. RunOuc;Internet Manager. OUC;c:\program files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe;c:\program files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Update RightSurf;Update RightSurf;c:\program files (x86)\RightSurf\updateRightSurf.exe;c:\program files (x86)\RightSurf\updateRightSurf.exe [x]
R2 Util RightSurf;Util RightSurf;c:\program files (x86)\RightSurf\bin\utilRightSurf.exe;c:\program files (x86)\RightSurf\bin\utilRightSurf.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
S2 Internet Enhancer Service;Internet Enhancer Service;c:\program files (x86)\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancerService.exe;c:\program files (x86)\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancerService.exe [x]
S2 Wajam Web Enhancer;Wajam Web Enhancer;c:\program files\WajaWebEnhancer\wajam_64.exe;c:\program files\WajaWebEnhancer\wajam_64.exe [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-27 06:58	1086280	----a-w-	c:\program files (x86)\Google\Chrome\Application\40.0.2214.93\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-02-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-31 21:23]
.
2015-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-26 08:30]
.
2015-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-26 08:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-02-11 02:21	644464	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-02-11 02:21	644464	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-02-11 02:21	644464	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\Dirk\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-12-10 472984]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.autosport.at/
mDefault_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391763618&from=smt&uid=ST500LT012-1DG142_S3P1KVBGXXXXS3P1KVBG&q={searchTerms}
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1391763618&from=smt&uid=ST500LT012-1DG142_S3P1KVBGXXXXS3P1KVBG&q={searchTerms}
uInternet Settings,ProxyOverride = <-loopback>
uInternet Settings,ProxyServer = http=127.0.0.1:49201;https=127.0.0.1:49201
IE: An OneNote s&enden - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{C03FF709-A07B-4859-8911-F71D0D84E441}: NameServer = 213.162.69.170 213.162.69.2
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\7qzxmebu.default\
FF - prefs.js: browser.search.selectedEngine - Trovi search
FF - prefs.js: browser.startup.homepage - hxxp://www.autosport.at/
FF - prefs.js: network.proxy.type - 5
FF - user.js: extensions.irspeeddial.aflt - fxtb103
FF - user.js: extensions.irspeeddial.instlRef - 
FF - user.js: extensions.irspeeddial.cr - 178945102
FF - user.js: extensions.irspeeddial.cd - 2XzuyEtN2Y1L1QzutDtDtByDyDyCtAzyyByByBtD0F0E0A0FtN0D0Tzu0CyByBtBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1Czu1G2Z1S
FF - user.js: network.http.spdy.enabled - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-LiveSupport - c:\program files (x86)\LiveSupport\LiveSupport.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Wajam Web Enhancer - c:\program files\WajaWebEnhancer\WWE_uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programdata\Internet Manager\OnlineUpdate\ouc.exe
c:\programdata\Internet Manager\OnlineUpdate\LiveUpd.exe
c:\program files (x86)\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancer.exe
c:\program files\WajaWebEnhancer\wajam.exe
c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
c:\program files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
c:\program files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
c:\program files (x86)\Common Files\Java\Java Update\jucheck.exe
c:\program files (x86)\Java\jre7\bin\jp2launcher.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-02-02  22:15:16 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-02-02 21:15
.
Vor Suchlauf: 14 Verzeichnis(se), 137.555.677.184 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 137.835.102.208 Bytes frei
.
- - End Of File - - B7659CC9BE504444E7D1CAEE2BAF357F
A36C5E4F47E84449FF07ED3517B43A31
         

Alt 03.02.2015, 10:49   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser - Standard

Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.02.2015, 12:09   #8
formelphotos
 
Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser - Standard

Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser



Hier die mbam:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 03.02.2015
Scan Time: 11:58:57
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.02.03.03
Rootkit Database: v2015.01.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Dirk

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 352816
Time Elapsed: 18 min, 44 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
         
---

AdwCleaner:
Code:
ATTFilter
# AdwCleaner v4.109 - Bericht erstellt am 03/02/2015 um 12:49:59
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-02-02.1 [Live]
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Dirk - DIRK-PC
# Gestartet von : C:\Users\Dirk\Desktop\AdwCleaner_4.109.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : Util RightSurf

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\Program Files (x86)\Optimizer Pro
Ordner Gelöscht : C:\Program Files (x86)\pc speed up
Ordner Gelöscht : C:\Program Files (x86)\SimilarSites
Ordner Gelöscht : C:\Users\Dirk\AppData\Local\FileTypeAssistant
Ordner Gelöscht : C:\Users\Dirk\AppData\Roaming\1H1Q
Ordner Gelöscht : C:\Users\Dirk\AppData\Roaming\FoxTab
Datei Gelöscht : C:\Users\Dirk\AppData\Roaming\LiveSupport.exe_log.txt
Datei Gelöscht : C:\Users\Dirk\AppData\Roaming\regsvr32.exe_log.txt
Datei Gelöscht : C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\7qzxmebu.default\user.js

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKCU\Software\Bitberry Software
Schlüssel Gelöscht : HKCU\Software\Bitberry
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wpm
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\chatango.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\st.chatango.com
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v35.0.1 (x86 en-US)

[7qzxmebu.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.selectedEngine", "Trovi search");

-\\ Google Chrome v40.0.2214.93


-\\ Comodo Dragon v31.1.2.0


*************************

AdwCleaner[R0].txt - [3040 octets] - [03/02/2015 12:36:10]
AdwCleaner[R1].txt - [3100 octets] - [03/02/2015 12:44:32]
AdwCleaner[S0].txt - [2714 octets] - [03/02/2015 12:49:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2774 octets] ##########
         
---

JRT:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Professional x64
Ran by Dirk on 03.02.2015 at 12:55:58,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update rightsurf
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util rightsurf



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Dirk\AppData\Roaming\mozilla\firefox\profiles\7qzxmebu.default\minidumps [183 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.02.2015 at 13:02:46,23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
---
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Dirk (administrator) on DIRK-PC on 03-02-2015 13:05:33
Running from C:\Users\Dirk\Desktop
Loaded Profiles: Dirk (Available profiles: Dirk)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2014-02-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1791856 2014-10-16] (Simply Super Software)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = Google
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\Software\Microsoft\Internet Explorer\Main,Start Page = - Autosport.at - Motorsport Bild- und Nachrichtenagentur
URLSearchHook: HKLM-x32 - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C03FF709-A07B-4859-8911-F71D0D84E441}: [NameServer] 213.162.69.170 213.162.69.2

FireFox:
========
FF ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\7qzxmebu.default
FF Homepage: hxxp://www.autosport.at/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Firebug - C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\7qzxmebu.default\Extensions\firebug@software.joehewitt.com.xpi [2014-02-01]
FF Extension: Deutsch (DE) Language Pack - C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\7qzxmebu.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2014-02-16]
FF Extension: PageRank - C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\7qzxmebu.default\Extensions\PageRank@addonfactory.in.xpi [2014-02-01]

Chrome: 
=======
CHR Profile: C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-26]
CHR Extension: (Google Docs) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-26]
CHR Extension: (Google Drive) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-26]
CHR Extension: (YouTube) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-26]
CHR Extension: (Google-Suche) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-26]
CHR Extension: (Google Tabellen) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-26]
CHR Extension: (Google Wallet) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-26]
CHR Extension: (Google Mail) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-03-07] ()
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-02-05] () [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [241152 2012-12-03] (Huawei Technologies Co., Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-03 13:05 - 2015-02-03 13:05 - 00017168 _____ () C:\Users\Dirk\Desktop\FRST.txt
2015-02-03 13:02 - 2015-02-03 13:02 - 00001014 _____ () C:\Users\Dirk\Desktop\JRT.txt
2015-02-03 12:54 - 2015-02-03 12:54 - 00002854 _____ () C:\Users\Dirk\Desktop\AdwCleaner[S0].txt
2015-02-03 12:36 - 2015-02-03 12:50 - 00000000 ____D () C:\AdwCleaner
2015-02-03 12:21 - 2015-02-03 12:21 - 00001055 _____ () C:\Users\Dirk\Desktop\mbam.txt
2015-02-03 11:58 - 2015-02-03 11:58 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-03 11:58 - 2015-02-03 11:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-02-03 11:58 - 2015-02-03 11:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-02-03 11:58 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-03 11:58 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-03 11:55 - 2015-02-03 11:55 - 02194432 _____ () C:\Users\Dirk\Desktop\AdwCleaner_4.109.exe
2015-02-03 11:55 - 2015-02-03 11:55 - 01388274 _____ (Thisisu) C:\Users\Dirk\Desktop\JRT.exe
2015-02-02 22:15 - 2015-02-02 22:15 - 00029062 _____ () C:\ComboFix.txt
2015-02-02 21:24 - 2015-02-02 22:15 - 00000000 ____D () C:\Qoobox
2015-02-02 21:24 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-02 21:24 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-02 21:24 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-02 21:24 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-02 21:24 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-02 21:24 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-02 21:24 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-02 21:24 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-02 21:23 - 2015-02-02 22:12 - 00000000 ____D () C:\Windows\erdnt
2015-02-02 21:16 - 2015-02-02 21:16 - 05611380 ____R (Swearware) C:\Users\Dirk\Desktop\ComboFix.exe
2015-02-02 12:30 - 2015-02-03 12:31 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-02 12:30 - 2015-02-03 12:26 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-02 12:30 - 2015-02-03 11:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-02 12:28 - 2015-02-02 12:28 - 00000000 ____D () C:\Users\Dirk\Desktop\mbar-1.08.3.1004
2015-02-02 12:27 - 2015-02-02 12:27 - 00000000 ____D () C:\Users\Dirk\Desktop\mbar
2015-02-02 12:27 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-02 12:13 - 2015-02-02 12:13 - 00001238 _____ () C:\Users\Dirk\Desktop\Revo Uninstaller.lnk
2015-02-02 12:12 - 2015-02-02 12:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-02 12:07 - 2015-02-02 13:13 - 00188656 _____ () C:\Users\Dirk\Desktop\Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser - Trojaner-Board.htm
2015-02-02 12:07 - 2015-02-02 12:07 - 00000000 ____D () C:\Users\Dirk\Desktop\Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser - Trojaner-Board_files
2015-02-02 12:03 - 2015-02-02 12:03 - 00001982 _____ () C:\Users\Dirk\Desktop\schritt-2-troja.txt
2015-02-02 12:02 - 2015-02-02 12:03 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Dirk\Desktop\tdsskiller.exe
2015-02-02 12:02 - 2015-02-02 12:02 - 16466552 _____ (Malwarebytes Corp.) C:\Users\Dirk\Desktop\mbar-1.08.3.1004.exe
2015-02-02 10:23 - 2015-02-02 10:23 - 00004562 _____ () C:\Users\Dirk\Desktop\gmer.log
2015-02-01 19:56 - 2015-02-01 19:56 - 00000086 _____ () C:\Users\Dirk\Desktop\trojaboard.txt
2015-02-01 19:46 - 2015-02-01 19:47 - 00026073 _____ () C:\Users\Dirk\Desktop\Addition.txt
2015-02-01 19:44 - 2015-02-03 13:05 - 00000000 ____D () C:\FRST
2015-02-01 19:44 - 2015-02-01 19:44 - 02131456 _____ (Farbar) C:\Users\Dirk\Desktop\FRST64.exe
2015-02-01 19:42 - 2015-02-01 19:42 - 00000470 _____ () C:\Users\Dirk\Desktop\defogger_disable.log
2015-02-01 19:42 - 2015-02-01 19:42 - 00000000 _____ () C:\Users\Dirk\defogger_reenable
2015-02-01 19:41 - 2015-02-03 11:54 - 00000000 ____D () C:\Problem-Software
2015-02-01 19:41 - 2015-02-01 19:41 - 00050477 _____ () C:\Users\Dirk\Desktop\Defogger.exe
2015-01-31 15:52 - 2015-02-02 22:00 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-31 15:52 - 2015-01-31 15:52 - 00000000 ____D () C:\ProgramData\Licenses
2015-01-31 15:47 - 2015-01-31 15:47 - 00000000 ____D () C:\Users\Dirk\Documents\Simply Super Software
2015-01-31 15:47 - 2015-01-31 15:47 - 00000000 ____D () C:\Users\Dirk\AppData\Roaming\Simply Super Software
2015-01-31 15:47 - 2015-01-31 15:47 - 00000000 ____D () C:\ProgramData\Simply Super Software
2015-01-31 15:47 - 2015-01-31 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2015-01-31 15:47 - 2015-01-31 15:47 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2015-01-31 15:46 - 2015-01-31 15:46 - 31390952 _____ (Simply Super Software ) C:\Users\Dirk\Downloads\trjsetup691.exe
2015-01-27 08:09 - 2015-01-27 08:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 09:31 - 2015-01-26 09:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-26 09:30 - 2015-02-03 12:53 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-26 09:30 - 2015-02-03 12:35 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-26 09:30 - 2015-01-26 09:31 - 00000000 ____D () C:\Users\Dirk\AppData\Local\Google
2015-01-26 09:30 - 2015-01-26 09:31 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-26 09:30 - 2015-01-26 09:30 - 00880784 _____ (Google Inc.) C:\Program Files\ChromeSetup.exe
2015-01-26 09:30 - 2015-01-26 09:30 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-26 09:30 - 2015-01-26 09:30 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-17 13:13 - 2015-01-17 13:14 - 06381120 _____ (Tim Kosse) C:\Users\Dirk\Downloads\FileZilla_3.10.0.2_win32-setup.exe
2015-01-15 08:32 - 2015-01-15 16:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-01-14 07:38 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 07:38 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 07:38 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 07:38 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 07:38 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 07:38 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 07:38 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 07:38 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 07:38 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 07:38 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 07:38 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 07:38 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 07:38 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 08:52 - 2015-01-13 08:52 - 00000971 _____ () C:\Users\Dirk\Desktop\Zahlungen - Verknüpfung.lnk
2015-01-12 20:18 - 2015-01-12 20:18 - 00000000 ____D () C:\Windows\Sun

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-03 13:06 - 2014-02-12 09:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-03 12:59 - 2009-07-14 05:45 - 00036752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-03 12:59 - 2009-07-14 05:45 - 00036752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-03 12:57 - 2011-04-12 08:43 - 00698926 _____ () C:\Windows\system32\perfh007.dat
2015-02-03 12:57 - 2011-04-12 08:43 - 00149034 _____ () C:\Windows\system32\perfc007.dat
2015-02-03 12:57 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-03 12:55 - 2014-11-10 08:36 - 00001107 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-02-03 12:55 - 2014-01-31 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-03 12:55 - 2014-01-31 17:01 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-03 12:54 - 2014-01-31 18:11 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-02-03 12:54 - 2014-01-30 21:53 - 01063066 _____ () C:\Windows\WindowsUpdate.log
2015-02-03 12:51 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-03 12:50 - 2010-11-21 04:47 - 00174704 _____ () C:\Windows\PFRO.log
2015-02-03 12:50 - 2009-07-14 05:51 - 00084635 _____ () C:\Windows\setupact.log
2015-02-03 12:22 - 2014-02-06 15:45 - 00000000 ____D () C:\Windows\Downloaded Installations
2015-02-03 11:26 - 2014-01-31 20:58 - 00000000 ____D () C:\Program Files (x86)\RenWiz
2015-02-02 22:15 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-02-02 22:09 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-02-02 22:05 - 2014-01-31 17:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-02 22:04 - 2009-07-14 03:34 - 71565312 _____ () C:\Windows\system32\config\SOFTWARE.bak
2015-02-02 22:04 - 2009-07-14 03:34 - 18874368 _____ () C:\Windows\system32\config\SYSTEM.bak
2015-02-02 22:04 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2015-02-02 22:04 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2015-02-02 22:04 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2015-02-02 22:02 - 2014-01-31 17:18 - 00000000 ____D () C:\Users\Dirk\AppData\Local\Adobe
2015-02-01 19:42 - 2014-01-30 21:59 - 00000000 ____D () C:\Users\Dirk
2015-02-01 12:38 - 2014-02-06 13:14 - 00000600 _____ () C:\Users\Dirk\AppData\Roaming\winscp.rnd
2015-02-01 11:40 - 2014-01-31 19:51 - 00001456 _____ () C:\Users\Dirk\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-01-25 22:23 - 2014-02-12 09:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-25 22:23 - 2014-01-31 20:21 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-25 22:23 - 2014-01-31 20:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 14:25 - 2014-01-31 20:44 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2015-01-17 18:09 - 2014-02-09 14:21 - 00000000 ____D () C:\Users\Dirk\AppData\Roaming\FileZilla
2015-01-17 13:14 - 2014-01-31 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-01-14 17:29 - 2014-01-30 22:28 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 17:24 - 2014-01-30 22:28 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-05 14:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2015-01-26 09:30 - 2015-01-26 09:30 - 0880784 _____ (Google Inc.) C:\Program Files\ChromeSetup.exe
2014-09-18 09:01 - 2014-09-18 09:01 - 0000132 _____ () C:\Users\Dirk\AppData\Roaming\Adobe GIF Format CS6 Prefs
2014-11-09 10:57 - 2014-12-21 19:03 - 0000132 _____ () C:\Users\Dirk\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-02-10 20:16 - 2014-07-19 04:52 - 0000138 _____ () C:\Users\Dirk\AppData\Roaming\WB.CFG
2014-02-06 13:14 - 2015-02-01 12:38 - 0000600 _____ () C:\Users\Dirk\AppData\Roaming\winscp.rnd
2014-01-31 19:51 - 2015-02-01 11:40 - 0001456 _____ () C:\Users\Dirk\AppData\Local\Adobe Save for Web 13.0 Prefs

Some content of TEMP:
====================
C:\Users\Dirk\AppData\Local\Temp\avgnt.exe
C:\Users\Dirk\AppData\Local\Temp\Quarantine.exe
C:\Users\Dirk\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-02 22:32

==================== End Of Log ============================
         
--- --- ---

Alt 03.02.2015, 18:05   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser - Standard

Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.02.2015, 19:56   #10
formelphotos
 
Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser - Standard

Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser



Eset nach fast 23 Stunden beendet:
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=1e8e3b351ca7f44fbe5e43d970204214
# engine=22293
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-04 07:41:52
# local_time=2015-02-04 08:41:52 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 99865 35726937 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 31885738 174708762 0 0
# scanned=1895865
# found=0
# cleaned=0
# scan_time=81402
         
---

Security-Check fauerte lediglich eine Sekunde:
Code:
ATTFilter
 UNSUPPORTED OPERATING SYSTEM! ABORTED!
         
Und hier die neue FRST:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2015 01
Ran by Dirk (administrator) on DIRK-PC on 04-02-2015 20:53:38
Running from C:\Users\Dirk\Desktop
Loaded Profiles: Dirk (Available profiles: Dirk)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\LiveUpd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2014-02-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1791856 2014-10-16] (Simply Super Software)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2636347820-3807825714-3230885982-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.autosport.at/
URLSearchHook: HKLM-x32 - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C03FF709-A07B-4859-8911-F71D0D84E441}: [NameServer] 213.162.69.170 213.162.69.2

FireFox:
========
FF ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\7qzxmebu.default
FF Homepage: hxxp://www.autosport.at/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Firebug - C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\7qzxmebu.default\Extensions\firebug@software.joehewitt.com.xpi [2014-02-01]
FF Extension: Deutsch (DE) Language Pack - C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\7qzxmebu.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2014-02-16]
FF Extension: PageRank - C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\7qzxmebu.default\Extensions\PageRank@addonfactory.in.xpi [2014-02-01]

Chrome: 
=======
CHR Profile: C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-26]
CHR Extension: (Google Docs) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-26]
CHR Extension: (Google Drive) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-26]
CHR Extension: (YouTube) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-26]
CHR Extension: (Google-Suche) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-26]
CHR Extension: (Google Tabellen) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-26]
CHR Extension: (Google Wallet) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-26]
CHR Extension: (Google Mail) - C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG)
S2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-03-07] ()
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-02-05] () [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [241152 2012-12-03] (Huawei Technologies Co., Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-04 20:53 - 2015-02-04 20:53 - 00000000 ____D () C:\Users\Dirk\Desktop\FRST-OlderVersion
2015-02-04 20:52 - 2015-02-04 20:52 - 00000041 _____ () C:\Users\Dirk\Desktop\checkup.txt
2015-02-03 20:02 - 2015-02-03 20:02 - 00852573 _____ () C:\Users\Dirk\Desktop\SecurityCheck.exe
2015-02-03 13:05 - 2015-02-04 20:53 - 00016828 _____ () C:\Users\Dirk\Desktop\FRST.txt
2015-02-03 13:02 - 2015-02-03 13:02 - 00001014 _____ () C:\Users\Dirk\Desktop\JRT.txt
2015-02-03 12:54 - 2015-02-03 12:54 - 00002854 _____ () C:\Users\Dirk\Desktop\AdwCleaner[S0].txt
2015-02-03 12:36 - 2015-02-03 12:50 - 00000000 ____D () C:\AdwCleaner
2015-02-03 12:21 - 2015-02-03 12:21 - 00001055 _____ () C:\Users\Dirk\Desktop\mbam.txt
2015-02-03 11:58 - 2015-02-03 11:58 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-03 11:58 - 2015-02-03 11:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-02-03 11:58 - 2015-02-03 11:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-02-03 11:58 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-03 11:58 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-03 11:55 - 2015-02-03 11:55 - 02194432 _____ () C:\Users\Dirk\Desktop\AdwCleaner_4.109.exe
2015-02-03 11:55 - 2015-02-03 11:55 - 01388274 _____ (Thisisu) C:\Users\Dirk\Desktop\JRT.exe
2015-02-02 22:15 - 2015-02-02 22:15 - 00029062 _____ () C:\ComboFix.txt
2015-02-02 21:24 - 2015-02-02 22:15 - 00000000 ____D () C:\Qoobox
2015-02-02 21:24 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-02 21:24 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-02 21:24 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-02 21:24 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-02 21:24 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-02 21:24 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-02 21:24 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-02 21:24 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-02 21:23 - 2015-02-02 22:12 - 00000000 ____D () C:\Windows\erdnt
2015-02-02 21:16 - 2015-02-02 21:16 - 05611380 ____R (Swearware) C:\Users\Dirk\Desktop\ComboFix.exe
2015-02-02 12:30 - 2015-02-03 12:31 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-02 12:30 - 2015-02-03 12:26 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-02 12:30 - 2015-02-03 11:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-02 12:28 - 2015-02-02 12:28 - 00000000 ____D () C:\Users\Dirk\Desktop\mbar-1.08.3.1004
2015-02-02 12:27 - 2015-02-02 12:27 - 00000000 ____D () C:\Users\Dirk\Desktop\mbar
2015-02-02 12:27 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-02 12:13 - 2015-02-02 12:13 - 00001238 _____ () C:\Users\Dirk\Desktop\Revo Uninstaller.lnk
2015-02-02 12:12 - 2015-02-02 12:12 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-02 12:07 - 2015-02-02 13:13 - 00188656 _____ () C:\Users\Dirk\Desktop\Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser - Trojaner-Board.htm
2015-02-02 12:07 - 2015-02-02 12:07 - 00000000 ____D () C:\Users\Dirk\Desktop\Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser - Trojaner-Board_files
2015-02-02 12:03 - 2015-02-02 12:03 - 00001982 _____ () C:\Users\Dirk\Desktop\schritt-2-troja.txt
2015-02-02 12:02 - 2015-02-02 12:03 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Dirk\Desktop\tdsskiller.exe
2015-02-02 12:02 - 2015-02-02 12:02 - 16466552 _____ (Malwarebytes Corp.) C:\Users\Dirk\Desktop\mbar-1.08.3.1004.exe
2015-02-02 10:23 - 2015-02-02 10:23 - 00004562 _____ () C:\Users\Dirk\Desktop\gmer.log
2015-02-01 19:56 - 2015-02-01 19:56 - 00000086 _____ () C:\Users\Dirk\Desktop\trojaboard.txt
2015-02-01 19:46 - 2015-02-01 19:47 - 00026073 _____ () C:\Users\Dirk\Desktop\Addition.txt
2015-02-01 19:44 - 2015-02-04 20:53 - 02131968 _____ (Farbar) C:\Users\Dirk\Desktop\FRST64.exe
2015-02-01 19:44 - 2015-02-04 20:53 - 00000000 ____D () C:\FRST
2015-02-01 19:42 - 2015-02-01 19:42 - 00000470 _____ () C:\Users\Dirk\Desktop\defogger_disable.log
2015-02-01 19:42 - 2015-02-01 19:42 - 00000000 _____ () C:\Users\Dirk\defogger_reenable
2015-02-01 19:41 - 2015-02-03 20:02 - 00000000 ____D () C:\Problem-Software
2015-02-01 19:41 - 2015-02-01 19:41 - 00050477 _____ () C:\Users\Dirk\Desktop\Defogger.exe
2015-01-31 15:52 - 2015-02-02 22:00 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-31 15:52 - 2015-01-31 15:52 - 00000000 ____D () C:\ProgramData\Licenses
2015-01-31 15:47 - 2015-01-31 15:47 - 00000000 ____D () C:\Users\Dirk\Documents\Simply Super Software
2015-01-31 15:47 - 2015-01-31 15:47 - 00000000 ____D () C:\Users\Dirk\AppData\Roaming\Simply Super Software
2015-01-31 15:47 - 2015-01-31 15:47 - 00000000 ____D () C:\ProgramData\Simply Super Software
2015-01-31 15:47 - 2015-01-31 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2015-01-31 15:47 - 2015-01-31 15:47 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2015-01-31 15:46 - 2015-01-31 15:46 - 31390952 _____ (Simply Super Software ) C:\Users\Dirk\Downloads\trjsetup691.exe
2015-01-27 08:09 - 2015-01-27 08:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 09:31 - 2015-01-26 09:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-26 09:30 - 2015-02-04 20:35 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-26 09:30 - 2015-02-04 09:35 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-26 09:30 - 2015-01-26 09:31 - 00000000 ____D () C:\Users\Dirk\AppData\Local\Google
2015-01-26 09:30 - 2015-01-26 09:31 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-26 09:30 - 2015-01-26 09:30 - 00880784 _____ (Google Inc.) C:\Program Files\ChromeSetup.exe
2015-01-26 09:30 - 2015-01-26 09:30 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-26 09:30 - 2015-01-26 09:30 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-17 13:13 - 2015-01-17 13:14 - 06381120 _____ (Tim Kosse) C:\Users\Dirk\Downloads\FileZilla_3.10.0.2_win32-setup.exe
2015-01-15 08:32 - 2015-01-15 16:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-01-14 07:38 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 07:38 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 07:38 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 07:38 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 07:38 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 07:38 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 07:38 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 07:38 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 07:38 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 07:38 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 07:38 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 07:38 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 07:38 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 08:52 - 2015-01-13 08:52 - 00000971 _____ () C:\Users\Dirk\Desktop\Zahlungen - Verknüpfung.lnk
2015-01-12 20:18 - 2015-01-12 20:18 - 00000000 ____D () C:\Windows\Sun

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-04 20:06 - 2014-02-12 09:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-04 17:34 - 2009-07-14 05:45 - 00036752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-04 17:34 - 2009-07-14 05:45 - 00036752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-03 22:08 - 2014-01-30 21:53 - 01215027 _____ () C:\Windows\WindowsUpdate.log
2015-02-03 21:59 - 2011-04-12 08:43 - 00698926 _____ () C:\Windows\system32\perfh007.dat
2015-02-03 21:59 - 2011-04-12 08:43 - 00149034 _____ () C:\Windows\system32\perfc007.dat
2015-02-03 21:59 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-03 16:56 - 2014-02-06 13:14 - 00000600 _____ () C:\Users\Dirk\AppData\Roaming\winscp.rnd
2015-02-03 14:03 - 2014-01-31 19:51 - 00001456 _____ () C:\Users\Dirk\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-02-03 12:55 - 2014-11-10 08:36 - 00001107 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-02-03 12:55 - 2014-01-31 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-03 12:55 - 2014-01-31 17:01 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-03 12:54 - 2014-01-31 18:11 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-02-03 12:51 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-03 12:50 - 2010-11-21 04:47 - 00174704 _____ () C:\Windows\PFRO.log
2015-02-03 12:50 - 2009-07-14 05:51 - 00084635 _____ () C:\Windows\setupact.log
2015-02-03 12:24 - 2014-02-06 15:45 - 00000000 ____D () C:\Windows\Downloaded Installations
2015-02-03 11:26 - 2014-01-31 20:58 - 00000000 ____D () C:\Program Files (x86)\RenWiz
2015-02-02 22:15 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-02-02 22:09 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-02-02 22:05 - 2014-01-31 17:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-02 22:04 - 2009-07-14 03:34 - 71565312 _____ () C:\Windows\system32\config\SOFTWARE.bak
2015-02-02 22:04 - 2009-07-14 03:34 - 18874368 _____ () C:\Windows\system32\config\SYSTEM.bak
2015-02-02 22:04 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2015-02-02 22:04 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2015-02-02 22:04 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2015-02-02 22:02 - 2014-01-31 17:18 - 00000000 ____D () C:\Users\Dirk\AppData\Local\Adobe
2015-02-01 19:42 - 2014-01-30 21:59 - 00000000 ____D () C:\Users\Dirk
2015-01-25 22:23 - 2014-02-12 09:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-25 22:23 - 2014-01-31 20:21 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-25 22:23 - 2014-01-31 20:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 14:25 - 2014-01-31 20:44 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2015-01-17 18:09 - 2014-02-09 14:21 - 00000000 ____D () C:\Users\Dirk\AppData\Roaming\FileZilla
2015-01-17 13:14 - 2014-01-31 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-01-14 17:29 - 2014-01-30 22:28 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 17:24 - 2014-01-30 22:28 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-05 14:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2015-01-26 09:30 - 2015-01-26 09:30 - 0880784 _____ (Google Inc.) C:\Program Files\ChromeSetup.exe
2014-09-18 09:01 - 2014-09-18 09:01 - 0000132 _____ () C:\Users\Dirk\AppData\Roaming\Adobe GIF Format CS6 Prefs
2014-11-09 10:57 - 2014-12-21 19:03 - 0000132 _____ () C:\Users\Dirk\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-02-10 20:16 - 2014-07-19 04:52 - 0000138 _____ () C:\Users\Dirk\AppData\Roaming\WB.CFG
2014-02-06 13:14 - 2015-02-03 16:56 - 0000600 _____ () C:\Users\Dirk\AppData\Roaming\winscp.rnd
2014-01-31 19:51 - 2015-02-03 14:03 - 0001456 _____ () C:\Users\Dirk\AppData\Local\Adobe Save for Web 13.0 Prefs

Some content of TEMP:
====================
C:\Users\Dirk\AppData\Local\Temp\avgnt.exe
C:\Users\Dirk\AppData\Local\Temp\Quarantine.exe
C:\Users\Dirk\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-02 22:32

==================== End Of Log ============================
         
--- --- ---

---

Werbung bzw. Musik habe ich jetzt schon seit gestern nicht mehr ertragen müssen. Großes Danke schon mal vorab !

Alt 05.02.2015, 07:22   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser - Standard

Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser



Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.02.2015, 09:30   #12
formelphotos
 
Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser - Standard

Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser



Vielen Dank für Deine Hilfe ! Spende geht heute noch auf den Bankweg.

Alt 05.02.2015, 12:05   #13
schrauber
/// the machine
/// TB-Ausbilder
 

Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser - Standard

Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser
adware, bonjour, browser, converter, defender, desktop, device driver, entfernen, flash player, ftp, iexplore.exe, infizierte, kmspico, mozilla, musik, photoshop, problem, prozesse, registry, security, sekunden, software, super, svchost.exe, trojan, warnung, werbung, windows



Ähnliche Themen: Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser


  1. WIN 8.1 64bit: auch ich habe musik im hintergrund laufen - prozesse teilweise SEHR lahm! ;-(
    Plagegeister aller Art und deren Bekämpfung - 29.06.2015 (7)
  2. Sehr viel Werbung so wie Hintergrund Musik
    Plagegeister aller Art und deren Bekämpfung - 09.03.2015 (5)
  3. Musik, Nachrichten und Werbung ohne Browser etc.
    Log-Analyse und Auswertung - 13.01.2015 (19)
  4. Musik im Hintergrund (von FB )
    Plagegeister aller Art und deren Bekämpfung - 30.11.2014 (1)
  5. Werbung und Musik im Hintergrund
    Plagegeister aller Art und deren Bekämpfung - 02.01.2014 (12)
  6. Windows 7, bei Firefox öffnet sich ab und an graues Fenster und bei geschlossenem browser kommt die website von Survey Monkey Powered Online
    Log-Analyse und Auswertung - 21.11.2013 (9)
  7. Musik im Hintergrund wenn Browser offen ist WIN7
    Plagegeister aller Art und deren Bekämpfung - 18.03.2013 (19)
  8. Werbung / Musik im Hintergrund
    Plagegeister aller Art und deren Bekämpfung - 04.02.2011 (1)
  9. musik im hintergrund auch nach formatierung noch nicht weg
    Plagegeister aller Art und deren Bekämpfung - 28.12.2010 (1)
  10. Alle Browser spielen verrückt, Musik im Hintergrund - Verdacht auf einiges Ungeziefer
    Log-Analyse und Auswertung - 23.11.2010 (6)
  11. Travianer Werbung und andere komische Musik/Tracks im Hintergrund auch ohne geöffnete Explorer ...?!
    Plagegeister aller Art und deren Bekämpfung - 22.09.2010 (15)
  12. Musik im Hintergrund
    Plagegeister aller Art und deren Bekämpfung - 22.08.2010 (34)
  13. Nervige Musik im Hintergrund, Werbung öffnet sich iexplorer.exe virus eingefangen ?
    Plagegeister aller Art und deren Bekämpfung - 29.07.2010 (25)
  14. Nervige musik in Hintergrund, wave Regeler auf null, Explorer öffnet Werbung
    Plagegeister aller Art und deren Bekämpfung - 23.07.2010 (12)
  15. Wave aus, klick geräusche,hintergrund musik, internet explorer mit werbung öffnet sich...was tun ?
    Plagegeister aller Art und deren Bekämpfung - 23.07.2010 (6)
  16. Musik im Hintergrund, I-Explorer öffnet Werbung
    Plagegeister aller Art und deren Bekämpfung - 21.07.2010 (3)
  17. dauernd popups auch bei geschlossenem browser
    Log-Analyse und Auswertung - 16.09.2008 (4)

Zum Thema Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser - Seit einigen Tagen kommt alle paar Minuten hörbar Werbung (Axe, Sensodyne, etc.) oder für ein paar Sekunden Musik, und zwar auch nachdem der Browser und alle anderen Programme geschlossen wurden. - Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser...
Archiv
Du betrachtest: Werbung bzw. Musik im Hintergrund - auch bei geschlossenem Browser auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.