Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
malware aal entfernen Antivir -Programme erkennen nichts

malware aal entfernen Antivir -Programme erkennen nichts


Plagegeister aller Art und deren Bekämpfung: malware aal entfernen Antivir -Programme erkennen nichts

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 2 1 2
Alt 31.03.2015, 20:51   #1
petertroj
 
malware aal entfernen Antivir -Programme erkennen nichts - Icon21

malware aal entfernen Antivir -Programme erkennen nichts


Hallo,

habe wohl einen Aal im System.
In einem Registrierungseingträgen waren genannt Avira, Mozilla, PC Inspector, Antivir-Programme, Flashplayer, Java-Verknüpfung, AVG, System Explorer, TomTom, Western Digital, WD Photogalerie, , Standartkonto, Netcologne-Dateien, FF.

Äußert sich durch:
START Vista 9 Programme angegeben, die 4 Festeinstellungen Mozilla FF / Internet, WD Mail ... sind weg.
Drucken nicht möglich (Epson 3xbunt, 1 x sw), es werden 1 bis 2 "leere" Patronen angegeben, Epson Status Monitor läßt sich nur sehr langsam schließen (TaskManager beenden) mehrmaliges Beenden nötig.

Internetzugang gestört. Updates von AVG Internet Security 2015 und AVG Tune Up 2015 finden nicht statt ( allgemeine Fehler werden gemeldet).

Win Patrol meldet immer wieder ein neues Programm mit 10 Nr.: 14 27 70 24 00 .
Die Nummer variirt im Zeitablauf. Es wird weder eine Icon, Beschreibung, Company oder Version angegeben.
Einzig im System Explorer war die PID 4. Gefunden habe ich diese Programm nicht.

Zufällig ergab sich bei einem Reg-Eintrag, 87.000 Bytes, der Begriff Aal.
Weiter die oben angegebenen Programme / BS-Teile.

S+D meldet alles sauber bzw. bedenkenlos. AVG Internet Security ebenfalls. Manchmal fällt der System-Explorer aus oder gibt die History (Aufrufe und Ende der Programme / Dienste) nicht vollständig wieder oder hängt.

Reg-Einträge werden von der Malware wieder zum Ursprung gebracht.

Bitte um Hilfe.

Gruß Peter

Alt 01.04.2015, 05:10   #2
schrauber
/// the machine
/// TB-Ausbilder
 
malware aal entfernen Antivir -Programme erkennen nichts - Standard

malware aal entfernen Antivir -Programme erkennen nichts


hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________
Alt 01.04.2015, 22:38   #3
petertroj
 
malware aal entfernen Antivir -Programme erkennen nichts - Standard

malware aal entfernen Antivir -Programme erkennen nichts


Hallo,
FRST.txt u Addition.txt nachstehend
[/CODE]
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Standartkonto (ATTENTION: The logged in user is not administrator) on PETER-VERA-PC on 01-04-2015 23:30:13
Running from C:\Users\Standartkonto\Desktop
Loaded Profiles: peter & Standartkonto & Gast (Available profiles: peter & Standartkonto & Gast)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> smss.exe
Failed to access process -> avgrsx.exe
Failed to access process -> avgcsrvx.exe
Failed to access process -> csrss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> winlogon.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> lsm.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> MsMpEng.exe
Failed to access process -> Ati2evxx.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> SLsvc.exe
Failed to access process -> svchost.exe
Failed to access process -> Ati2evxx.exe
Failed to access process -> svchost.exe
Failed to access process -> spoolsv.exe
Failed to access process -> svchost.exe
Failed to access process -> SASCore.exe
Failed to access process -> avgfws.exe
Failed to access process -> avgidsagent.exe
Failed to access process -> avgwdsvc.exe
Failed to access process -> LSSrvc.exe
Failed to access process -> RichVideo.exe
Failed to access process -> SDFSSvc.exe
Failed to access process -> avgnsx.exe
Failed to access process -> avgemcx.exe
Failed to access process -> SDUpdSvc.exe
Failed to access process -> svchost.exe
Failed to access process -> TuneUpUtilitiesService32.exe
Failed to access process -> svchost.exe
Failed to access process -> SDWSCSvc.exe
Failed to access process -> NisSrv.exe
(AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
Failed to access process -> WmiPrvSE.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
Failed to access process -> svchost.exe
(Mozilla Corporation) D:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Standartkonto\Desktop\FRST(1).exe
Failed to access process -> MpCmdRun.exe
Failed to access process -> MpCmdRun.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> TrustedInstaller.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WinPatrol] => C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [363752 2012-09-20] (BillP Studios)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1765665137-1713434591-3169019743-1001\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1765665137-1713434591-3169019743-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6718744 2015-03-26] (SUPERAntiSpyware)
HKU\S-1-5-21-1765665137-1713434591-3169019743-1001\...\Run: [EPSON Stylus DX5000 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE [139264 2006-09-22] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1765665137-1713434591-3169019743-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\acer.scr [17100800 2008-11-11] (Acer)
IFEO\excel.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\framework.launcher.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\oaa.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\offdiag.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\onenotem.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\pptview.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\psi.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\psi_tray.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\systemexplorer.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\tomtomhome.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Standartkonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Standartkonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Inhaltsverzeichnis.onetoc2 ()
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Inc.)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [S-1-5-21-1765665137-1713434591-3169019743-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-1765665137-1713434591-3169019743-1001] => http=www-proxy.netcologne.de:8080;https=www-proxy.netcologne.de:8080;ftp=ftp-proxy.netcologne.de:8080
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland ? mit Hotmail Nachfolger Outlook und Messenger Skype
HKU\S-1-5-21-1765665137-1713434591-3169019743-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1765665137-1713434591-3169019743-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Acer | explore beyond limits
HKU\S-1-5-21-1765665137-1713434591-3169019743-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: [S-1-5-21-1765665137-1713434591-3169019743-1000] ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: [S-1-5-21-1765665137-1713434591-3169019743-501] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
SearchScopes: HKU\S-1-5-21-1765665137-1713434591-3169019743-1001 -> {481A1C90-344A-477B-ACAE-CAFCDDA6C9F9} URL = 
SearchScopes: HKU\S-1-5-21-1765665137-1713434591-3169019743-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKU\S-1-5-21-1765665137-1713434591-3169019743-1001 -> {9453C26C-D098-4C57-9552-995659BD0FCF} URL = 
Toolbar: HKU\S-1-5-21-1765665137-1713434591-3169019743-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2001-06-21] (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-08] (SuperAdBlocker.com)
Tcpip\..\Interfaces\{E3A23B47-A1BA-4710-96B1-A128EE091991}: [NameServer] 81.173.194.68 213.168.112.60

FireFox:
========
FF ProfilePath: C:\Users\Standartkonto\AppData\Roaming\Mozilla\Firefox\Profiles\kg8k40zp.default
FF Homepage: netcologne.de
FF NetworkProxy: "type", 4
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-04] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32asw.dll [2004-07-02] (Macromedia, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Standartkonto\AppData\Roaming\Mozilla\Firefox\Profiles\kg8k40zp.default\searchplugins\ask-search.xml [2014-02-22]
FF Extension: FoxyProxy Standard - C:\Users\Standartkonto\AppData\Roaming\Mozilla\Firefox\Profiles\kg8k40zp.default\Extensions\foxyproxy@eric.h.jung [2015-02-07]
FF Extension: WOT - C:\Users\Standartkonto\AppData\Roaming\Mozilla\Firefox\Profiles\kg8k40zp.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-13]
FF Extension: Ghostery - C:\Users\Standartkonto\AppData\Roaming\Mozilla\Firefox\Profiles\kg8k40zp.default\Extensions\firefox@ghostery.com.xpi [2014-01-13]
FF Extension: Lightbeam - C:\Users\Standartkonto\AppData\Roaming\Mozilla\Firefox\Profiles\kg8k40zp.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2014-01-13]
FF Extension: IP2Location IP Geolocation Plugin - C:\Users\Standartkonto\AppData\Roaming\Mozilla\Firefox\Profiles\kg8k40zp.default\Extensions\{116ee800-4ed0-11e0-b8af-0800200c9a66}.xpi [2015-01-10]
FF Extension: NoScript - C:\Users\Standartkonto\AppData\Roaming\Mozilla\Firefox\Profiles\kg8k40zp.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-01-13]
FF Extension: Gutscheinaffe - C:\Users\Standartkonto\AppData\Roaming\Mozilla\Firefox\Profiles\kg8k40zp.default\Extensions\{9220f99f-5b7d-4a4d-97ca-209991796400}.xpi [2014-01-13]
FF Extension: ImTranslator - C:\Users\Standartkonto\AppData\Roaming\Mozilla\Firefox\Profiles\kg8k40zp.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2014-01-13]
FF Extension: Adblock Plus - C:\Users\Standartkonto\AppData\Roaming\Mozilla\Firefox\Profiles\kg8k40zp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-12]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-24]
StartMenuInternet: FIREFOX.EXE - D:\Program Files\Mozilla Firefox\firefox.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-23] (SUPERAntiSpyware.com)
R2 avgfws; C:\Program Files\AVG\AVG2015\avgfws.exe [1486664 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
S4 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [69632 2008-10-04] () [File not signed]
S4 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-11-28] () [File not signed]
R2 iphlpsvc; C:\Windows\System32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
R2 lmhosts; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S4 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] () [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R2 RichVideo; c:\Program Files\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-09] ()
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S4 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1326176 2012-07-25] (Secunia)
S4 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [681056 2012-07-25] (Secunia)
S3 SystemExplorerHelpService; C:\Program Files\System Explorer\service\SystemExplorerService.exe [567008 2014-12-20] (Mister Group)
S4 TomTomHOMEService; D:\STRABAG TomTom Home 2\TomTomHOMEService.exe [93072 2013-08-27] (TomTom)
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2165560 2014-11-24] (AVG Technologies)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208152 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
R3 hidshim; C:\Windows\System32\DRIVERS\hidshim.sys [5632 2008-10-08] (Windows (R) Codename Longhorn DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
R3 nuvotonhidgeneric; C:\Windows\System32\DRIVERS\nuvotonhidgeneric.sys [22528 2008-10-08] (Nuvoton Technology Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [150560 2008-08-26] (Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2014-11-24] (TuneUp Software)
S2 adfs; No ImagePath
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 BIOSCHK; \??\C:\Users\peter\AppData\Local\Temp\TII200A.tmp\disk1\BIOSCHK.SYS [X]
S3 catchme; \??\C:\Users\peter\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-01 23:30 - 2015-04-01 23:33 - 00019063 _____ () C:\Users\Standartkonto\Desktop\FRST.txt
2015-04-01 22:59 - 2015-04-01 23:00 - 01135104 _____ (Farbar) C:\Users\Standartkonto\Desktop\FRST(1).exe
2015-04-01 22:59 - 2015-04-01 22:59 - 02095616 _____ (Farbar) C:\Users\Standartkonto\Desktop\FRST64.exe
2015-03-31 22:04 - 2015-03-31 22:04 - 00000000 ____D () C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnalogX
2015-03-31 22:04 - 2015-03-31 22:04 - 00000000 ____D () C:\Program Files\AnalogX
2015-03-31 19:31 - 2015-03-31 19:31 - 00000000 __RSD () C:\Users\Standartkonto\Documents\My Stationery
2015-03-30 18:37 - 2015-03-30 18:37 - 00000227 _____ () C:\Users\peter\Documents\Sys Explor Mo 30 03 15 Progr nur Nr.txt
2015-03-30 10:12 - 2015-03-30 10:12 - 00004444 _____ () C:\Users\peter\Documents\def Mo 20150330 D 1 S   15 MB s.txt
2015-03-30 10:11 - 2015-03-30 10:11 - 00027668 _____ () C:\Users\peter\Documents\de Mo 20150330 C 5 S W Patrol neues Progr nur Nr.txt
2015-03-29 12:32 - 2015-03-29 12:32 - 00004444 _____ () C:\Users\peter\Documents\def So 20150329  D 1 S 32 C 4  n Aal Angrif.txt
2015-03-29 12:17 - 2015-03-29 12:17 - 00017888 _____ () C:\Users\peter\Documents\def So 20150329  C  31 S n Aal Angrif.txt
2015-03-28 15:31 - 2015-03-28 15:31 - 00004444 _____ () C:\Users\peter\Documents\def Sa 20150328 D 1 S   30 MB s.txt
2015-03-28 15:28 - 2015-03-28 15:28 - 00004754 _____ () C:\Users\peter\Documents\def Sa 20150328 C 1 S   42 MB s.txt
2015-03-27 18:15 - 2015-03-27 18:15 - 00004444 _____ () C:\Users\peter\Documents\def Fr 20150327  D 1 SLö 2369 Junk Mails 32 MB s.txt
2015-03-27 18:12 - 2015-03-27 18:12 - 00022186 _____ () C:\Users\peter\Documents\def Fr 20150327  C 4 SLö 2369 Junk Mails 6 MB s.txt
2015-03-27 18:11 - 2015-03-27 18:11 - 00022124 _____ () C:\Users\peter\Documents\def Fr 20150327  C 4 SLö 2369 Junk Mails.txt
2015-03-26 21:32 - 2015-03-26 21:32 - 03209401 _____ () C:\Users\peter\Desktop\TeamSpybot-20150326-203233.cab
2015-03-26 21:30 - 2015-03-26 21:30 - 03207307 _____ () C:\Users\peter\Desktop\TeamSpybot-20150326-203014.cab
2015-03-24 07:43 - 2015-03-24 07:43 - 00027734 _____ () C:\Users\peter\Documents\DEF Di 24 03 15 C 4 S 2 MB s vor Junk 3000 AVG löschj.txt
2015-03-22 23:13 - 2015-03-22 23:14 - 00000000 ____D () C:\Users\peter\Documents\Z 2 Standart Kto Anfrage AVG Update
2015-03-22 21:47 - 2015-03-22 21:47 - 01919272 _____ (Mister Group ) C:\Users\peter\Downloads\SystemExplorerSetup_640.exe
2015-03-22 17:53 - 2015-03-22 21:25 - 00000000 ____D () C:\Users\peter\Documents\Z 1 Admin BKto Sichh BS
2015-03-21 19:52 - 2015-03-21 19:52 - 00001974 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-03-21 19:52 - 2015-03-21 19:52 - 00001962 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-03-21 19:52 - 2015-03-21 19:52 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-03-21 19:52 - 2015-03-21 19:52 - 00000616 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2015-03-21 19:52 - 2015-03-21 19:52 - 00000446 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2015-03-21 19:52 - 2015-03-21 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-03-21 19:52 - 2013-09-20 11:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2015-03-21 14:57 - 2015-03-21 14:57 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\AVG
2015-03-21 14:54 - 2015-03-21 14:54 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\AVG2015
2015-03-21 14:53 - 2015-03-21 19:48 - 00000000 ____D () C:\Users\Gast\AppData\Local\Avg2015
2015-03-21 14:52 - 2015-03-21 14:52 - 00000000 ____D () C:\Users\Gast\AppData\Local\Avg
2015-03-20 07:17 - 2015-01-29 03:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-20 07:16 - 2015-02-26 02:18 - 02064384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-20 07:16 - 2015-01-29 03:35 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-20 07:07 - 2015-02-20 04:03 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-20 07:07 - 2015-02-20 02:28 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-20 07:06 - 2015-02-26 04:01 - 03604408 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-03-20 07:06 - 2015-02-26 04:01 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-20 07:06 - 2015-01-21 04:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-20 07:06 - 2015-01-09 04:04 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-20 07:06 - 2015-01-09 02:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-20 07:03 - 2015-03-06 06:01 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-20 07:02 - 2014-10-13 03:12 - 02264064 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-20 07:01 - 2015-02-18 04:02 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-14 23:08 - 2015-03-14 23:08 - 00000008 _____ () C:\Users\Standartkonto\Desktop\MSDOSnc.txt
2015-03-12 19:18 - 2008-01-21 04:42 - 00000230 _____ () C:\Users\Standartkonto\Desktop\Control Panel - Kopie.lnk
2015-03-10 22:53 - 2015-02-21 19:37 - 12375040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-10 22:53 - 2015-02-21 19:34 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-03-10 22:53 - 2015-02-21 19:29 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-10 22:53 - 2015-02-21 19:28 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-10 22:53 - 2015-02-21 19:22 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-10 22:53 - 2015-02-21 19:21 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-10 22:53 - 2015-02-21 19:21 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-10 22:53 - 2015-02-21 19:20 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-03-10 22:53 - 2015-02-21 19:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-10 22:53 - 2015-02-21 19:19 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-10 22:53 - 2015-02-21 19:19 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-10 22:53 - 2015-02-21 19:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-10 22:53 - 2015-02-21 19:19 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-10 22:53 - 2015-02-21 19:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-10 22:53 - 2015-02-21 19:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-10 22:53 - 2015-02-21 19:18 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-10 22:53 - 2015-02-21 19:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-10 22:53 - 2015-02-21 19:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-10 22:53 - 2015-02-21 19:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-03-10 22:53 - 2015-02-21 19:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-03-10 22:53 - 2015-02-21 19:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-03-10 22:53 - 2015-02-21 19:17 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-01 23:33 - 2009-08-17 17:19 - 01120601 _____ () C:\Windows\WindowsUpdate.log
2015-04-01 23:30 - 2013-07-15 03:14 - 00000000 ____D () C:\FRST
2015-04-01 23:26 - 2006-11-02 12:33 - 01567460 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-01 23:25 - 2014-12-15 00:49 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-01 23:18 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-01 23:18 - 2006-11-02 14:47 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-01 23:18 - 2006-11-02 14:47 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-01 23:12 - 2012-10-04 12:42 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-01 17:59 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\tracing
2015-04-01 13:47 - 2015-01-10 03:15 - 00002878 _____ () C:\Windows\PFRO.log
2015-03-31 22:26 - 2009-09-27 13:06 - 00000000 ____D () C:\Program Files\Adobe
2015-03-31 22:26 - 2009-01-22 20:28 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-31 22:26 - 2009-01-22 20:28 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-03-28 09:43 - 2008-02-06 02:58 - 00000749 ___RH () C:\Windows\WindowsShell.Manifest
2015-03-26 22:51 - 2009-09-20 11:54 - 00000000 ____D () C:\Users\peter\AppData\Local\Adobe
2015-03-26 22:44 - 2013-04-25 10:39 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-03-22 13:41 - 2009-09-08 20:42 - 00000000 ____D () C:\Users\peter\AppData\Local\VirtualStore
2015-03-22 13:36 - 2012-12-01 10:13 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2015-03-21 19:52 - 2010-04-05 14:16 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-03-21 15:25 - 2009-11-04 22:13 - 00001832 _____ () C:\Users\Gast\Desktop\Cyberlink PowerDirector.lnk
2015-03-21 14:54 - 2009-11-04 22:13 - 00078600 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-20 16:34 - 2006-11-02 14:47 - 02261216 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-20 07:17 - 2009-01-22 20:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-20 07:16 - 2013-07-23 16:22 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-20 07:08 - 2006-11-02 12:24 - 119837696 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-03-15 19:58 - 2014-03-04 12:05 - 00000000 ____D () C:\Users\Standartkonto\Documents\A 2014 FP C gesamt
2015-03-03 15:16 - 2009-11-22 12:57 - 00246920 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-02 23:18 - 2012-11-25 00:56 - 00000887 _____ () C:\Users\Public\Desktop\System Explorer.lnk
2015-03-02 23:18 - 2012-11-25 00:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2015-03-02 23:18 - 2012-11-25 00:56 - 00000000 ____D () C:\Program Files\System Explorer

==================== Files in the root of some directories =======

2015-02-01 23:59 - 2015-02-01 23:59 - 0000000 _____ () C:\Users\Standartkonto\AppData\Roaming\cookies.sqlite
2013-07-31 13:54 - 2013-07-31 13:54 - 0000273 _____ () C:\Users\Standartkonto\AppData\Roaming\Safer-Networking.log
2015-01-04 21:01 - 2015-01-04 21:01 - 0024064 _____ () C:\Users\Standartkonto\AppData\Roaming\UserTile.png
2010-10-24 09:25 - 2013-02-24 21:34 - 0000536 _____ () C:\Users\Standartkonto\AppData\Roaming\wklnhst.dat
2010-11-27 07:03 - 2010-11-27 07:03 - 0000552 _____ () C:\Users\Standartkonto\AppData\Local\d3d8caps.dat
2010-07-25 11:33 - 2014-08-02 17:59 - 0001356 _____ () C:\Users\Standartkonto\AppData\Local\d3d9caps.dat
2010-11-28 09:04 - 2012-12-03 21:35 - 0007168 _____ () C:\Users\Standartkonto\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-09-09 10:27 - 2012-09-09 10:27 - 0017408 _____ () C:\Users\Standartkonto\AppData\Local\WebpageIcons.db
2009-08-17 17:41 - 2009-08-17 17:43 - 0006073 _____ () C:\ProgramData\ArcadeDeluxe2.log
2014-06-09 10:25 - 2014-06-09 10:25 - 0000096 _____ () C:\ProgramData\defraggler_list.txt

Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
--- --- ---
[CODE]

FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Standartkonto at 2015-04-01 23:34:14
Running from C:\Users\Standartkonto\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Internet Security 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG Internet Security 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2015 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.07 beta (HKLM\...\7-Zip) (Version:  - )
Acer Arcade Deluxe (HKLM\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 2.0.5817 - CyberLink Corp.)
Acer Arcade Deluxe (Version: 2.0.5817 - CyberLink Corp.) Hidden
Acer Crystal Eye Webcam 2.0.9.2 (HKLM\...\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}) (Version: 2.0.9.2 - SuYin)
Acer eAudio Management (HKLM\...\{57265292-228A-41FA-9AEC-4620CBCC2739}) (Version: 3.0.3009 - CyberLink Corp.)
Acer eDataSecurity Management (HKLM\...\{A5633652-3795-4829-BB0B-644F0279E279}) (Version: 3.0.3065 - Egis Inc.)
Acer Empowering Technology (HKLM\...\{8F1B6239-FEA0-450A-A950-B05276CE177C}) (Version: 3.0.3013 - Acer Incorporated)
Acer ePower Management (HKLM\...\{58E5844B-7CE2-413D-83D1-99294BF6C74F}) (Version: 3.0.3016 - Acer Incorporated)
Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.0.3014 - Acer Incorporated)
Acer eSettings Management (HKLM\...\{13D85C14-2B85-419F-AC41-C7F21E68B25D}) (Version: 3.0.3007 - Acer Incorporated)
Acer GridVista (HKLM\...\GridVista) (Version: 2.72.317 - )
Acer Mobility Center Plug-In (HKLM\...\{11316260-6666-467B-AC34-183FCB5D4335}) (Version: 3.0.3000 - Acer Inc.)
Acer Product Registration (HKLM\...\{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}) (Version: 3.0.0.10 - Acer Incorporated)
Acer ScreenSaver (HKLM\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 1.01.1111 - Acer Incorporated)
Advanced IP Scanner (HKLM\...\{DA5DEB6B-E108-4652-BFEC-C9B95446F244}) (Version: 2.2.224 - Famatech)
AnalogX Script Defender (HKLM\...\AnalogX Script Defender) (Version:  - AnalogX)
ATI Catalyst Install Manager (HKLM\...\{6B58131B-E1C3-9FC8-160C-C1E01B200C94}) (Version: 3.0.704.0 - ATI Technologies, Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies)
AVG 2015 (Version: 15.0.4321 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5645 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (de-DE) (Version: 15.0.1001.238 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM\...\AVG PC TuneUp) (Version: 15.0.1001.238 - AVG Technologies)
AVG PC TuneUp 2015 (Version: 15.0.1001.238 - AVG Technologies) Hidden
C:\Program Files\Acer GameZone\GameConsole (HKLM\...\{71C2828F-2678-4675-BDEC-895424861262}_is1) (Version: 2.0.1.2 - Oberon Media, Inc.)
ccc-core-static (Version: 2008.1210.1623.29379 - Ihr Firmenname) Hidden
Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden
Content Manager 2 (HKLM\...\Content Manager 2) (Version: 3.18.0.342250 - NNG Llc.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.3023d - CyberLink Corp.)
Defraggler (HKLM\...\Defraggler) (Version: 2.10 - Piriform)
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
eSobi v2 (HKLM\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.3.000201 - esobi Inc.)
eSobi v2 (Version: 2.0.3.000201 - esobi Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118) (Version:  - )
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HijackThis 2.0.2 (HKLM\...\HijackThis) (Version: 2.0.2 - TrendMicro)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Launch Manager (HKLM\...\LManager) (Version:  - )
LightScribe  1.4.142.1 (Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden
LOGO!Soft Comfort V7.0  (HKLM\...\LOGO!Soft Comfort V7.0 ) (Version: 7.0.0.0 - Siemens AG)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)
Mozilla Firefox 16.0 (x86 de) (HKLM\...\Mozilla Firefox 16.0 (x86 de)) (Version: 16.0 - Mozilla)
Mozilla Firefox 36.0.4 (x86 de) (HKLM\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mystery Solitaire - Secret Island (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}) (Version:  - Oberon Media)
Mythic Mahjong (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113919217}) (Version:  - Oberon Media)
Naviextras Toolbox Prerequesities (HKLM\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)
Nero OEM (HKLM\...\Nero - Burning Rom!UninstallKey) (Version:  - )
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nuvoton EC Generic HID Driver (HKLM\...\{302E9B7B-2B6A-4C29-9A02-9F2110649779}) (Version: 7.80.5000 - Nuvoton Technology Corporation)
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Orion (HKLM\...\{5B63A470-9334-44D1-AF61-6CE2DB565AE9}) (Version: 2.0.1 - Convesoft)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PC Inspector smart recovery (HKLM\...\{C9A87D86-FDFD-418B-BF96-EF09320973B3}) (Version: 4.50 - )
Print Server Support (HKLM\...\{418EF145-944B-4EBC-A755-9F15AEDFB08B}) (Version: 1.00.0000 - Siemens)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5704 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 3.0.1.3 - Realtek Semiconductor Corp.)
RegAlyzer (HKLM\...\{296B2D8E-CE82-92AF-B2E8-A646E7CB78A2}_is1) (Version: 1.6.2.16 - Safer-Networking Ltd.)
Secunia PSI (3.0.0.3001) (HKLM\...\Secunia PSI) (Version: 3.0.0.3001 - Secunia)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM\...\{C028926D-C914-420C-9EB9-76A185C371CA}) (Version: 6.2.00 - Silicon Laboratories, Inc.)
Skins (Version: 2008.1210.1623.29379 - ATI) Hidden
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1158 - SUPERAntiSpyware.com)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Explorer 6.3.2 (HKLM\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version:  - Mister Group)
TomTom HOME (HKLM\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

ATTENTION: System Restore is disabled.
Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2012-10-07 15:12 - 00000098 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => 
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => 
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => 
Task: C:\Windows\Tasks\User_Feed_Synchronization-{F301875A-A68A-4528-8553-CDA8BF71143E}.job => 

==================== Loaded Modules (whitelisted) ==============

2009-08-18 02:02 - 2008-12-11 03:05 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2014-11-24 13:49 - 2014-11-24 13:49 - 00730936 _____ () C:\Program Files\AVG\AVG PC TuneUp\tulngx.dll
2012-09-23 15:35 - 2012-06-20 23:23 - 00599419 ____N () C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
2015-03-21 19:52 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-03-21 19:52 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2015-03-21 19:52 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\peter:zylomtest
AlternateDataStreams: C:\Users\peter:zylomtr{000HQ7FF-AD7A-3FG1-3BG4-281NL05DCVUC}
AlternateDataStreams: C:\Users\peter:zylomtr{000HQ7FF-AD7A-3FG3-VK8A-25GG67KOIVV7}

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1765665137-1713434591-3169019743-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
DNS Servers: 81.173.194.68 - 213.168.112.60

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: MpsSvc => 2

==================== Accounts: =============================

Administrator (S-1-5-21-1765665137-1713434591-3169019743-500 - Administrator - Disabled)
Gast (S-1-5-21-1765665137-1713434591-3169019743-501 - Limited - Disabled) => C:\Users\Gast
peter (S-1-5-21-1765665137-1713434591-3169019743-1000 - Administrator - Enabled) => C:\Users\peter
Standartkonto (S-1-5-21-1765665137-1713434591-3169019743-1001 - Limited - Enabled) => C:\Users\Standartkonto

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/01/2015 11:26:46 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={A55F3560-66C8-451E-8914-0B1BA97A2E07}: Der Benutzer "peter-vera-PC\Standartkonto" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 815.

Error: (04/01/2015 11:26:18 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={7431000A-1618-41E5-9B4B-6E7AC71D4971}: Der Benutzer "peter-vera-PC\Standartkonto" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 815.

Error: (04/01/2015 11:19:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/01/2015 11:12:42 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (04/01/2015 11:12:27 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={E54EDB2F-4B6B-4333-838F-AFD064EE88B7}: Der Benutzer "peter-vera-PC\Standartkonto" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 813.

Error: (04/01/2015 11:11:53 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={954BE977-44CB-455A-8193-53CA82C4C015}: Der Benutzer "peter-vera-PC\Standartkonto" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 813.

Error: (04/01/2015 11:11:46 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={ED40F80F-BAE2-4E59-A27A-9DA056772593}: Der Benutzer "peter-vera-PC\Standartkonto" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 813.

Error: (04/01/2015 11:11:40 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={A49A3634-A219-41B9-8DA8-87FC1B631D42}: Der Benutzer "peter-vera-PC\Standartkonto" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 813.

Error: (04/01/2015 11:11:33 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={C15CEA7D-8F75-48E8-8F92-333D9E69B322}: Der Benutzer "peter-vera-PC\Standartkonto" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 813.

Error: (04/01/2015 11:11:27 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={B3F5A707-CDFF-46DD-9BD8-3703EC446594}: Der Benutzer "peter-vera-PC\Standartkonto" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 813.


System errors:
=============
Error: (04/01/2015 11:19:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: adfs%%2

Error: (04/01/2015 11:19:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (04/01/2015 11:18:29 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: C:\Windows\system32\RAIHV.dll126

Error: (04/01/2015 11:18:01 PM) (Source: volmgr) (EventID: 49) (User: )
Description: Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist fehlgeschlagen. Stellen
Sie sicher, dass eine Auslagerungsdatei auf der Startpartition vorhanden ist und dass diese
groß genug ist, um den gesamten physikalischen Speicher abbilden zu können.

Error: (04/01/2015 11:17:39 PM) (Source: volmgr) (EventID: 49) (User: )
Description: Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist fehlgeschlagen. Stellen
Sie sicher, dass eine Auslagerungsdatei auf der Startpartition vorhanden ist und dass diese
groß genug ist, um den gesamten physikalischen Speicher abbilden zu können.

Error: (04/01/2015 10:20:10 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.195.1077.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.7.0205.00

	Quellpfad: 4.7.0205.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (04/01/2015 01:48:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: adfs%%2

Error: (04/01/2015 01:48:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (04/01/2015 01:47:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: C:\Windows\system32\RAIHV.dll126

Error: (04/01/2015 01:47:26 PM) (Source: volmgr) (EventID: 49) (User: )
Description: Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist fehlgeschlagen. Stellen
Sie sicher, dass eine Auslagerungsdatei auf der Startpartition vorhanden ist und dass diese
groß genug ist, um den gesamten physikalischen Speicher abbilden zu können.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2015-04-01 23:32:42.094
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-01 23:32:41.155
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-01 23:32:40.289
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-01 23:32:39.401
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-01 22:59:29.162
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG2015\Drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-01 22:59:28.282
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG2015\Drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-01 22:59:27.548
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG2015\Drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-01 22:59:26.793
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG2015\Drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-01 22:59:25.123
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG2015\Drivers\avgidsdriverx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-01 22:59:24.311
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG2015\Drivers\avgidsdriverx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
Percentage of memory in use: 60%
Total physical RAM: 3065.93 MB
Available physical RAM: 1220.33 MB
Total Pagefile: 6555.22 MB
Available Pagefile: 4491.32 MB
Total Virtual: 2047.88 MB
Available Virtual: 1907.02 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:225.99 GB) (Free:139.54 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:226.03 GB) (Free:149.78 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
--- --- ---
__________________
Alt 02.04.2015, 10:18   #4
schrauber
/// the machine
/// TB-Ausbilder
 
malware aal entfernen Antivir -Programme erkennen nichts - Standard

malware aal entfernen Antivir -Programme erkennen nichts


Unsere Tools brauchen immer Adminrechte!


Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.04.2015, 15:43   #5
petertroj
 
malware aal entfernen Antivir -Programme erkennen nichts - Standard

malware aal entfernen Antivir -Programme erkennen nichts


Hi,

Kein mbar-Fund, daher 2. Lauf.

Updates wurde bei TDSSKiller nicht gezogen, Meldung Host not found. 2mal gestartet, je mit Neustart.

Dateien wegen Größe angehangen.

TDSSKiller log 2.4.15, 15.51 h


Code:
ATTFilter
15:46:37.0412 0x1674  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
15:46:41.0890 0x1674  ============================================================
15:46:41.0890 0x1674  Current date / time: 2015/04/02 15:46:41.0890
15:46:41.0890 0x1674  SystemInfo:
15:46:41.0890 0x1674  
15:46:41.0890 0x1674  OS Version: 6.0.6002 ServicePack: 2.0
15:46:41.0890 0x1674  Product type: Workstation
15:46:41.0890 0x1674  ComputerName: PETER-VERA-PC
15:46:41.0890 0x1674  UserName: peter
15:46:41.0890 0x1674  Windows directory: C:\Windows
15:46:41.0890 0x1674  System windows directory: C:\Windows
15:46:41.0890 0x1674  Processor architecture: Intel x86
15:46:41.0890 0x1674  Number of processors: 2
15:46:41.0890 0x1674  Page size: 0x1000
15:46:41.0890 0x1674  Boot type: Normal boot
15:46:41.0890 0x1674  ============================================================
15:46:44.0448 0x1674  KLMD registered as C:\Windows\system32\drivers\98172596.sys
15:46:44.0854 0x1674  System UUID: {809D2086-A496-CA25-0DE1-044877288803}
15:46:46.0429 0x1674  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:46:46.0445 0x1674  ============================================================
15:46:46.0445 0x1674  \Device\Harddisk0\DR0:
15:46:46.0445 0x1674  MBR partitions:
15:46:46.0445 0x1674  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x157C800, BlocksNum 0x1C3FB800
15:46:46.0445 0x1674  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D978000, BlocksNum 0x1C40D800
15:46:46.0445 0x1674  ============================================================
15:46:46.0507 0x1674  C: <-> \Device\Harddisk0\DR0\Partition1
15:46:46.0570 0x1674  D: <-> \Device\Harddisk0\DR0\Partition2
15:46:46.0570 0x1674  ============================================================
15:46:46.0570 0x1674  Initialize success
15:46:46.0570 0x1674  ============================================================
15:46:54.0104 0x13e8  ============================================================
15:46:54.0104 0x13e8  Scan started
15:46:54.0104 0x13e8  Mode: Manual; 
15:46:54.0104 0x13e8  ============================================================
15:46:54.0104 0x13e8  KSN ping started
15:46:54.0136 0x13e8  KSN ping finished: false
15:46:54.0853 0x13e8  ================ Scan system memory ========================
15:46:54.0853 0x13e8  System memory - ok
15:46:54.0853 0x13e8  ================ Scan services =============================
15:46:54.0962 0x13e8  [ 72D6D8E2D4F82C6E829125C7EC2A88F9, F357CFC3D04EB3F8E1A504D531D099698C6E2B29EB6CEDF75C08BF8917C46573 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
15:46:54.0962 0x13e8  !SASCORE - ok
15:46:55.0134 0x13e8  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
15:46:55.0150 0x13e8  ACPI - ok
15:46:55.0150 0x13e8  adfs - ok
15:46:55.0181 0x13e8  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:46:55.0196 0x13e8  adp94xx - ok
15:46:55.0228 0x13e8  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:46:55.0228 0x13e8  adpahci - ok
15:46:55.0259 0x13e8  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
15:46:55.0259 0x13e8  adpu160m - ok
15:46:55.0290 0x13e8  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:46:55.0290 0x13e8  adpu320 - ok
15:46:55.0337 0x13e8  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:46:55.0337 0x13e8  AeLookupSvc - ok
15:46:55.0384 0x13e8  [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD             C:\Windows\system32\drivers\afd.sys
15:46:55.0384 0x13e8  AFD - ok
15:46:55.0399 0x13e8  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:46:55.0399 0x13e8  agp440 - ok
15:46:55.0430 0x13e8  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
15:46:55.0430 0x13e8  aic78xx - ok
15:46:55.0477 0x13e8  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
15:46:55.0477 0x13e8  ALG - ok
15:46:55.0493 0x13e8  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
15:46:55.0493 0x13e8  aliide - ok
15:46:55.0508 0x13e8  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
15:46:55.0524 0x13e8  amdagp - ok
15:46:55.0540 0x13e8  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
15:46:55.0540 0x13e8  amdide - ok
15:46:55.0555 0x13e8  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
15:46:55.0555 0x13e8  AmdK7 - ok
15:46:55.0586 0x13e8  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:46:55.0586 0x13e8  AmdK8 - ok
15:46:55.0618 0x13e8  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo         C:\Windows\System32\appinfo.dll
15:46:55.0618 0x13e8  Appinfo - ok
15:46:55.0649 0x13e8  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
15:46:55.0649 0x13e8  arc - ok
15:46:55.0664 0x13e8  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:46:55.0664 0x13e8  arcsas - ok
15:46:55.0774 0x13e8  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:46:55.0774 0x13e8  aspnet_state - ok
15:46:55.0805 0x13e8  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:46:55.0805 0x13e8  AsyncMac - ok
15:46:55.0836 0x13e8  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
15:46:55.0836 0x13e8  atapi - ok
15:46:55.0883 0x13e8  [ 740B9B4140CACCD0513D999EAB488E48, 14DBD7F2681EB4E48239A30E274A2F7D6ED75977BCCDDA20B9A7D7B13167C5ED ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
15:46:55.0898 0x13e8  Ati External Event Utility - ok
15:46:56.0117 0x13e8  [ 7526AD10925D1AA9E4E6B0FB393B701F, C3E8F4D99C7A206C48AC5EC79FB7BFD35F4B8CF03DA56B54F2529155AB141566 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
15:46:56.0210 0x13e8  atikmdag - ok
15:46:56.0257 0x13e8  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:46:56.0273 0x13e8  AudioEndpointBuilder - ok
15:46:56.0288 0x13e8  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
15:46:56.0304 0x13e8  Audiosrv - ok
15:46:56.0366 0x13e8  [ CB2C2B24BD7E64CFB2B24D401FF5BBC0, F48ABD9F5BF91BF5F25E6D5EE02647F7DD8E1C1A11FEEE2C1C1B3BD34E3D0F85 ] Avgdiskx        C:\Windows\system32\DRIVERS\avgdiskx.sys
15:46:56.0366 0x13e8  Avgdiskx - ok
15:46:56.0413 0x13e8  [ 7F9B01CE297EF4D54C5C4D736D22CF96, 7B13DE8346FE8218CA1D3ECFBD610B0292606318BA863D2C0941B6D3F55FB788 ] Avgfwfd         C:\Windows\system32\DRIVERS\avgfwd6x.sys
15:46:56.0413 0x13e8  Avgfwfd - ok
15:46:56.0507 0x13e8  [ D6916995A3736E41224FC757E6520060, 374927C9AA4FDEE2AC4A66323D80F79216B19FFD0D42F252208E9F56FCEEC13C ] avgfws          C:\Program Files\AVG\AVG2015\avgfws.exe
15:46:56.0538 0x13e8  avgfws - ok
15:46:56.0694 0x13e8  [ 225B28E9303D375314C744AE181DF95F, 6BC8F19F6B4D901661022CD8F4EA90A8F1895B6B3BD1225B3708E2CBDCAB8D50 ] AVGIDSAgent     C:\Program Files\AVG\AVG2015\avgidsagent.exe
15:46:56.0756 0x13e8  AVGIDSAgent - ok
15:46:56.0788 0x13e8  [ EB1AA821F99D5D2DA05511AE8D4704C4, 68AE41B7DA35200B24E27733DC05D9DA1F2D4C98524531AB8F1BD2AB4AFC831C ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdriverx.sys
15:46:56.0803 0x13e8  AVGIDSDriver - ok
15:46:56.0850 0x13e8  [ D1663A0114691080C624D857A8343D5B, 8E7029A8FE7A62F4BED7687C54699D0709876D05D93CAA499B4BC69BF8C59091 ] AVGIDSHX        C:\Windows\system32\DRIVERS\avgidshx.sys
15:46:56.0850 0x13e8  AVGIDSHX - ok
15:46:56.0881 0x13e8  [ 2429F7F025F63532B6B264D97E4ECA49, EDE2C88B3B4B2A3AC59A3AB0B2FEC1D2CC75AA8AFFF0F5011D07AB4F053390D9 ] AVGIDSShim      C:\Windows\system32\DRIVERS\avgidsshimx.sys
15:46:56.0897 0x13e8  AVGIDSShim - ok
15:46:56.0912 0x13e8  [ 9AFD535116E986D49877B811F3665E8E, 6843415ED638BB26A17BE9AB7A49D36070A588088256D4D0D1B4789FBDA6730B ] Avgldx86        C:\Windows\system32\DRIVERS\avgldx86.sys
15:46:56.0928 0x13e8  Avgldx86 - ok
15:46:56.0959 0x13e8  [ D94378757947E02AE9BC484DF196A44D, 91B711C07320EFFDB780356EF84D39A06673198C4E0B45EE1D1412B996CB9227 ] Avglogx         C:\Windows\system32\DRIVERS\avglogx.sys
15:46:56.0959 0x13e8  Avglogx - ok
15:46:56.0990 0x13e8  [ 35DD83C14AA01F4817BA46A4D6B6A520, 563619CDFC2ACC061C2421091E3527CA3C6C5F595008C5E9E45CFBE954D45841 ] Avgmfx86        C:\Windows\system32\DRIVERS\avgmfx86.sys
15:46:56.0990 0x13e8  Avgmfx86 - ok
15:46:57.0006 0x13e8  [ F016B95273E0B1961F204F7FD2FFD811, 9F89323177B68DEDE6B1F09790E6A978376B4FCBDC029283B297A3C4D9B242FF ] Avgrkx86        C:\Windows\system32\DRIVERS\avgrkx86.sys
15:46:57.0006 0x13e8  Avgrkx86 - ok
15:46:57.0022 0x13e8  [ 5A22A7A67BFB67D3223B7A339FC97780, 1DADB75B30665866FC93DADDC1EC9F612CD8CE5EC8582BCAF2A527FFDAFF8DBE ] Avgtdix         C:\Windows\system32\DRIVERS\avgtdix.sys
15:46:57.0037 0x13e8  Avgtdix - ok
15:46:57.0068 0x13e8  [ 2B38C7E964FA19A298D04CA177FF8B6F, B233B6AD03217AD72A8F4253FDCF182E6007B5D28178F38BDCACBC16BD69D0CB ] avgwd           C:\Program Files\AVG\AVG2015\avgwdsvc.exe
15:46:57.0068 0x13e8  avgwd - ok
15:46:57.0115 0x13e8  [ 6FB43F0DADB3FDC287D080C19666AF8D, D2AA2172CEAF5954E4F04728D1BC9EA7C47A20E8918E876287FC766895FB617A ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
15:46:57.0115 0x13e8  b57nd60x - ok
15:46:57.0146 0x13e8  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:46:57.0146 0x13e8  Beep - ok
15:46:57.0178 0x13e8  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
15:46:57.0209 0x13e8  BFE - ok
15:46:57.0334 0x13e8  BIOSCHK - ok
15:46:57.0396 0x13e8  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\system32\qmgr.dll
15:46:57.0412 0x13e8  BITS - ok
15:46:57.0443 0x13e8  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
15:46:57.0443 0x13e8  blbdrive - ok
15:46:57.0474 0x13e8  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:46:57.0474 0x13e8  bowser - ok
15:46:57.0490 0x13e8  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
15:46:57.0490 0x13e8  BrFiltLo - ok
15:46:57.0521 0x13e8  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
15:46:57.0521 0x13e8  BrFiltUp - ok
15:46:57.0552 0x13e8  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
15:46:57.0552 0x13e8  Browser - ok
15:46:57.0568 0x13e8  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
15:46:57.0568 0x13e8  Brserid - ok
15:46:57.0599 0x13e8  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
15:46:57.0599 0x13e8  BrSerWdm - ok
15:46:57.0614 0x13e8  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
15:46:57.0614 0x13e8  BrUsbMdm - ok
15:46:57.0630 0x13e8  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
15:46:57.0630 0x13e8  BrUsbSer - ok
15:46:57.0661 0x13e8  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:46:57.0677 0x13e8  BTHMODEM - ok
15:46:57.0677 0x13e8  catchme - ok
15:46:57.0692 0x13e8  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:46:57.0692 0x13e8  cdfs - ok
15:46:57.0724 0x13e8  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:46:57.0724 0x13e8  cdrom - ok
15:46:57.0739 0x13e8  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
15:46:57.0739 0x13e8  CertPropSvc - ok
15:46:57.0755 0x13e8  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:46:57.0770 0x13e8  circlass - ok
15:46:57.0802 0x13e8  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
15:46:57.0802 0x13e8  CLFS - ok
15:46:57.0926 0x13e8  [ 8B67044AE0621C005245EF62EEF0746F, 6FF9F96CAB3861AD444596FFF20EBE2BDDD98176392DF98C46C821360B0B1E01 ] CLHNService     C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
15:46:57.0926 0x13e8  CLHNService - ok
15:46:57.0973 0x13e8  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:46:57.0973 0x13e8  clr_optimization_v2.0.50727_32 - ok
15:46:58.0020 0x13e8  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:46:58.0020 0x13e8  clr_optimization_v4.0.30319_32 - ok
15:46:58.0082 0x13e8  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:46:58.0082 0x13e8  CmBatt - ok
15:46:58.0098 0x13e8  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:46:58.0098 0x13e8  cmdide - ok
15:46:58.0114 0x13e8  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:46:58.0114 0x13e8  Compbatt - ok
15:46:58.0114 0x13e8  COMSysApp - ok
15:46:58.0129 0x13e8  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:46:58.0129 0x13e8  crcdisk - ok
15:46:58.0145 0x13e8  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
15:46:58.0145 0x13e8  Crusoe - ok
15:46:58.0176 0x13e8  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:46:58.0192 0x13e8  CryptSvc - ok
15:46:58.0254 0x13e8  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:46:58.0254 0x13e8  DcomLaunch - ok
15:46:58.0301 0x13e8  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:46:58.0301 0x13e8  DfsC - ok
15:46:58.0394 0x13e8  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
15:46:58.0488 0x13e8  DFSR - ok
15:46:58.0519 0x13e8  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
15:46:58.0519 0x13e8  Dhcp - ok
15:46:58.0535 0x13e8  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
15:46:58.0535 0x13e8  disk - ok
15:46:58.0566 0x13e8  [ 73BAF270D24FE726B9CD7F80BB17A23D, 12ADFB26C16A7D3F623C1A6B72D4C6AB9163EBC93CF13CB2AC6897FB95E96105 ] DKbFltr         C:\Windows\system32\DRIVERS\DKbFltr.sys
15:46:58.0566 0x13e8  DKbFltr - ok
15:46:58.0613 0x13e8  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:46:58.0613 0x13e8  Dnscache - ok
15:46:58.0644 0x13e8  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
15:46:58.0660 0x13e8  dot3svc - ok
15:46:58.0706 0x13e8  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
15:46:58.0706 0x13e8  DPS - ok
15:46:58.0738 0x13e8  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:46:58.0738 0x13e8  drmkaud - ok
15:46:58.0784 0x13e8  [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:46:58.0784 0x13e8  DXGKrnl - ok
15:46:58.0831 0x13e8  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
15:46:58.0831 0x13e8  E1G60 - ok
15:46:58.0862 0x13e8  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
15:46:58.0862 0x13e8  EapHost - ok
15:46:58.0909 0x13e8  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
15:46:58.0909 0x13e8  Ecache - ok
15:46:59.0003 0x13e8  [ B1F2503E23425B386DF0F3413B2596F3, 02FB1FA57679DBFF2E13641AB7C24CC28D5A4CFB0C51B7A617D3A3A406B8DF0C ] eDataSecurity Service C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
15:46:59.0018 0x13e8  eDataSecurity Service - ok
15:46:59.0081 0x13e8  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:46:59.0096 0x13e8  ehRecvr - ok
15:46:59.0112 0x13e8  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
15:46:59.0128 0x13e8  ehSched - ok
15:46:59.0174 0x13e8  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
15:46:59.0174 0x13e8  ehstart - ok
15:46:59.0206 0x13e8  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:46:59.0221 0x13e8  elxstor - ok
15:46:59.0284 0x13e8  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
15:46:59.0299 0x13e8  EMDMgmt - ok
15:46:59.0330 0x13e8  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:46:59.0330 0x13e8  ErrDev - ok
15:46:59.0362 0x13e8  [ F25247D0E011A643EE60052CE23BE05E, 6C4957D0D2F63C10AD5AFB14CC99D7A94AC6FEF69168F5F09973B883EE2501D0 ] ETService       C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
15:46:59.0362 0x13e8  ETService - ok
15:46:59.0408 0x13e8  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
15:46:59.0408 0x13e8  EventSystem - ok
15:46:59.0455 0x13e8  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:46:59.0455 0x13e8  exfat - ok
15:46:59.0502 0x13e8  [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB861B2B3BA4C5B9 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:46:59.0502 0x13e8  fastfat - ok
15:46:59.0533 0x13e8  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:46:59.0533 0x13e8  fdc - ok
15:46:59.0564 0x13e8  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
15:46:59.0564 0x13e8  fdPHost - ok
15:46:59.0580 0x13e8  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:46:59.0580 0x13e8  FDResPub - ok
15:46:59.0596 0x13e8  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:46:59.0596 0x13e8  FileInfo - ok
15:46:59.0611 0x13e8  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:46:59.0611 0x13e8  Filetrace - ok
15:46:59.0627 0x13e8  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:46:59.0627 0x13e8  flpydisk - ok
15:46:59.0627 0x13e8  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:46:59.0642 0x13e8  FltMgr - ok
15:46:59.0705 0x13e8  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
15:46:59.0720 0x13e8  FontCache - ok
15:46:59.0798 0x13e8  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:46:59.0798 0x13e8  FontCache3.0.0.0 - ok
15:46:59.0845 0x13e8  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:46:59.0845 0x13e8  Fs_Rec - ok
15:46:59.0892 0x13e8  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:46:59.0892 0x13e8  gagp30kx - ok
15:46:59.0923 0x13e8  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
15:46:59.0939 0x13e8  gpsvc - ok
15:46:59.0970 0x13e8  [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:46:59.0986 0x13e8  HdAudAddService - ok
15:47:00.0017 0x13e8  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:47:00.0032 0x13e8  HDAudBus - ok
15:47:00.0048 0x13e8  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:47:00.0048 0x13e8  HidBth - ok
15:47:00.0048 0x13e8  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:47:00.0064 0x13e8  HidIr - ok
15:47:00.0079 0x13e8  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\System32\hidserv.dll
15:47:00.0079 0x13e8  hidserv - ok
15:47:00.0110 0x13e8  [ 7F7E5E98CEFED8A10F7E56810EA7B6DF, 7D9F6801B24C96FAE77A50162074EDA4C4470C1E240BDC79ECB6B514E195291C ] hidshim         C:\Windows\system32\DRIVERS\hidshim.sys
15:47:00.0110 0x13e8  hidshim - ok
15:47:00.0142 0x13e8  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:47:00.0142 0x13e8  HidUsb - ok
15:47:00.0204 0x13e8  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:47:00.0204 0x13e8  hkmsvc - ok
15:47:00.0235 0x13e8  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
15:47:00.0235 0x13e8  HpCISSs - ok
15:47:00.0282 0x13e8  [ 46D67209550973257601A533E2AC5785, 3C0D97781947BA8532344AA5D9F3B684761B5B3263A0A294F4593E76EE41DB0C ] HSFHWAZL        C:\Windows\system32\DRIVERS\VSTAZL3.SYS
15:47:00.0282 0x13e8  HSFHWAZL - ok
15:47:00.0344 0x13e8  [ 7BC42C65B5C6281777C1A7605B253BA8, 71885EB4E8625450ECA4623466FB3D5437DAABE739A5DC3B5F4CF982A65F8A86 ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys
15:47:00.0391 0x13e8  HSF_DPV - ok
15:47:00.0422 0x13e8  [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E, A11CE324DD8E8BDFFDF513429C32D3C16EC79DC9A7517048587759B26BF38583 ] HSXHWAZL        C:\Windows\system32\DRIVERS\HSXHWAZL.sys
15:47:00.0422 0x13e8  HSXHWAZL - ok
15:47:00.0485 0x13e8  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:47:00.0500 0x13e8  HTTP - ok
15:47:00.0532 0x13e8  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
15:47:00.0532 0x13e8  i2omp - ok
15:47:00.0547 0x13e8  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:47:00.0547 0x13e8  i8042prt - ok
15:47:00.0594 0x13e8  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
15:47:00.0594 0x13e8  iaStorV - ok
15:47:00.0703 0x13e8  [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:47:00.0750 0x13e8  idsvc - ok
15:47:00.0766 0x13e8  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:47:00.0766 0x13e8  iirsp - ok
15:47:00.0812 0x13e8  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
15:47:00.0828 0x13e8  IKEEXT - ok
15:47:00.0875 0x13e8  [ 58FF11C95C3681C9250914521CB9F036, 21249A7F85FCCC5DF56F67C92D3964CFBD3E9855EABDD2148075200A86868372 ] int15           C:\Windows\system32\drivers\int15.sys
15:47:00.0875 0x13e8  int15 - ok
15:47:00.0984 0x13e8  [ B8716D9677B04B82FA405C8C54954728, 19BD403E268F27E2A50B3619ED87D6553D837456E32C56CB596C0E87A2B4895F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:47:01.0062 0x13e8  IntcAzAudAddService - ok
15:47:01.0093 0x13e8  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
15:47:01.0093 0x13e8  intelide - ok
15:47:01.0124 0x13e8  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:47:01.0124 0x13e8  intelppm - ok
15:47:01.0156 0x13e8  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:47:01.0156 0x13e8  IPBusEnum - ok
15:47:01.0187 0x13e8  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:47:01.0187 0x13e8  IpFilterDriver - ok
15:47:01.0218 0x13e8  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:47:01.0218 0x13e8  iphlpsvc - ok
15:47:01.0234 0x13e8  IpInIp - ok
15:47:01.0249 0x13e8  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
15:47:01.0249 0x13e8  IPMIDRV - ok
15:47:01.0280 0x13e8  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
15:47:01.0280 0x13e8  IPNAT - ok
15:47:01.0312 0x13e8  [ E50A95179211B12946F7E035D60AF560, 69765E2548BA708FF35545EC944DBA1940AD4065AF90E53B97A7792AC231DCF7 ] irda            C:\Windows\system32\DRIVERS\irda.sys
15:47:01.0312 0x13e8  irda - ok
15:47:01.0343 0x13e8  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:47:01.0343 0x13e8  IRENUM - ok
15:47:01.0358 0x13e8  [ CBB0D940221A281BCFEAEA695BD1CDA5, D05D192019524A02FE3FAE6827B98A942FA1AD651BF7AA53530A8A6F4ADFB7EB ] Irmon           C:\Windows\System32\irmon.dll
15:47:01.0358 0x13e8  Irmon - ok
15:47:01.0390 0x13e8  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:47:01.0390 0x13e8  isapnp - ok
15:47:01.0436 0x13e8  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
15:47:01.0436 0x13e8  iScsiPrt - ok
15:47:01.0468 0x13e8  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
15:47:01.0483 0x13e8  iteatapi - ok
15:47:01.0483 0x13e8  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
15:47:01.0499 0x13e8  iteraid - ok
15:47:01.0514 0x13e8  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:47:01.0514 0x13e8  kbdclass - ok
15:47:01.0546 0x13e8  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:47:01.0546 0x13e8  kbdhid - ok
15:47:01.0577 0x13e8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
15:47:01.0577 0x13e8  KeyIso - ok
15:47:01.0624 0x13e8  [ 5035EDF1F2E72F78BB1EC5BD9B97463F, 8AFAD580A96F002FFB22761B65D4B414917895C45B11B53089BB3E0331995EF7 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:47:01.0624 0x13e8  KSecDD - ok
15:47:01.0670 0x13e8  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:47:01.0702 0x13e8  KtmRm - ok
15:47:01.0733 0x13e8  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\System32\srvsvc.dll
15:47:01.0733 0x13e8  LanmanServer - ok
15:47:01.0780 0x13e8  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:47:01.0795 0x13e8  LanmanWorkstation - ok
15:47:01.0842 0x13e8  [ 793FF718477345CD5D232C50BED1E452, 1D39CF9F10742C79FF99B9B4E0361EAEA63B4FC545C58B54B55537D18C802941 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
15:47:01.0842 0x13e8  LightScribeService - ok
15:47:01.0873 0x13e8  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:47:01.0873 0x13e8  lltdio - ok
15:47:01.0904 0x13e8  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:47:01.0920 0x13e8  lltdsvc - ok
15:47:01.0936 0x13e8  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:47:01.0951 0x13e8  lmhosts - ok
15:47:01.0967 0x13e8  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:47:01.0982 0x13e8  LSI_FC - ok
15:47:01.0998 0x13e8  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:47:02.0014 0x13e8  LSI_SAS - ok
15:47:02.0029 0x13e8  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:47:02.0029 0x13e8  LSI_SCSI - ok
15:47:02.0060 0x13e8  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:47:02.0060 0x13e8  luafv - ok
15:47:02.0092 0x13e8  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:47:02.0092 0x13e8  Mcx2Svc - ok
15:47:02.0107 0x13e8  [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
15:47:02.0107 0x13e8  mdmxsdk - ok
15:47:02.0138 0x13e8  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
15:47:02.0138 0x13e8  megasas - ok
15:47:02.0170 0x13e8  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
15:47:02.0185 0x13e8  MegaSR - ok
15:47:02.0216 0x13e8  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
15:47:02.0216 0x13e8  MMCSS - ok
15:47:02.0326 0x13e8  MobilityService - ok
15:47:02.0341 0x13e8  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
15:47:02.0341 0x13e8  Modem - ok
15:47:02.0388 0x13e8  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:47:02.0388 0x13e8  monitor - ok
15:47:02.0435 0x13e8  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:47:02.0435 0x13e8  mouclass - ok
15:47:02.0450 0x13e8  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:47:02.0450 0x13e8  mouhid - ok
15:47:02.0466 0x13e8  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
15:47:02.0466 0x13e8  MountMgr - ok
15:47:02.0544 0x13e8  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:47:02.0544 0x13e8  MozillaMaintenance - ok
15:47:02.0591 0x13e8  [ 7D2484C4995A3DB47345EFED2A0B579E, 55B3CDE0BEF743874793679692A6C744B2771C85A0FEE1904F28A51EEE9C0CEB ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:47:02.0591 0x13e8  MpFilter - ok
15:47:02.0622 0x13e8  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:47:02.0622 0x13e8  mpio - ok
15:47:02.0794 0x13e8  [ 65C34426C83EFA32D48380A97717997B, CD7EB6BFBB0BE382BA21055460D9A72323F09AF3194A22D8EDB28D5DB3BAE8E7 ] MpKsl69062c0b   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7F330AA3-2DC4-4A57-A5F0-F8C512E88A1D}\MpKsl69062c0b.sys
15:47:02.0794 0x13e8  MpKsl69062c0b - ok
15:47:02.0840 0x13e8  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:47:02.0840 0x13e8  mpsdrv - ok
15:47:02.0887 0x13e8  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:47:02.0903 0x13e8  MpsSvc - ok
15:47:02.0934 0x13e8  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
15:47:02.0934 0x13e8  Mraid35x - ok
15:47:02.0981 0x13e8  [ B0584CA7DEF55929FDB5169BD28B2484, AF6A7E404FEB29F7F3428D0AF6682195E5E8ED106996A04E6947DBD575696546 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:47:02.0981 0x13e8  MRxDAV - ok
15:47:02.0996 0x13e8  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:47:02.0996 0x13e8  mrxsmb - ok
15:47:03.0028 0x13e8  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:47:03.0043 0x13e8  mrxsmb10 - ok
15:47:03.0059 0x13e8  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:47:03.0059 0x13e8  mrxsmb20 - ok
15:47:03.0090 0x13e8  [ 5457DCFA7C0DA43522F4D9D4049C1472, C8B0FD8F96E4FC5CB4B74D5968E808F44B4371F0A797B1D368E6A6080CB862FD ] msahci          C:\Windows\system32\drivers\msahci.sys
15:47:03.0090 0x13e8  msahci - ok
15:47:03.0106 0x13e8  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:47:03.0106 0x13e8  msdsm - ok
15:47:03.0137 0x13e8  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
15:47:03.0137 0x13e8  MSDTC - ok
15:47:03.0152 0x13e8  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:47:03.0152 0x13e8  Msfs - ok
15:47:03.0152 0x13e8  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:47:03.0168 0x13e8  msisadrv - ok
15:47:03.0215 0x13e8  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:47:03.0230 0x13e8  MSiSCSI - ok
15:47:03.0230 0x13e8  msiserver - ok
15:47:03.0246 0x13e8  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:47:03.0246 0x13e8  MSKSSRV - ok
15:47:03.0340 0x13e8  [ F26F7A5B18C717E57E3B6B306ABEC00B, 4C49C67A48F6B77E38A7FD28C960C92DFF371ACF0722C6EE4DF5F4B382937870 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:47:03.0340 0x13e8  MsMpSvc - ok
15:47:03.0355 0x13e8  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:47:03.0355 0x13e8  MSPCLOCK - ok
15:47:03.0371 0x13e8  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:47:03.0371 0x13e8  MSPQM - ok
15:47:03.0402 0x13e8  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:47:03.0433 0x13e8  MsRPC - ok
15:47:03.0480 0x13e8  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:47:03.0480 0x13e8  mssmbios - ok
15:47:03.0496 0x13e8  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:47:03.0496 0x13e8  MSTEE - ok
15:47:03.0511 0x13e8  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:47:03.0527 0x13e8  Mup - ok
15:47:03.0542 0x13e8  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
15:47:03.0558 0x13e8  napagent - ok
15:47:03.0620 0x13e8  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:47:03.0620 0x13e8  NativeWifiP - ok
15:47:03.0667 0x13e8  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:47:03.0667 0x13e8  NDIS - ok
15:47:03.0698 0x13e8  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:47:03.0698 0x13e8  NdisTapi - ok
15:47:03.0730 0x13e8  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:47:03.0745 0x13e8  Ndisuio - ok
15:47:03.0761 0x13e8  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:47:03.0761 0x13e8  NdisWan - ok
15:47:03.0776 0x13e8  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:47:03.0776 0x13e8  NDProxy - ok
15:47:03.0808 0x13e8  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:47:03.0808 0x13e8  NetBIOS - ok
15:47:03.0823 0x13e8  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
15:47:03.0839 0x13e8  netbt - ok
15:47:03.0839 0x13e8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
15:47:03.0854 0x13e8  Netlogon - ok
15:47:03.0886 0x13e8  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
15:47:03.0886 0x13e8  Netman - ok
15:47:03.0948 0x13e8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:47:03.0948 0x13e8  NetMsmqActivator - ok
15:47:03.0964 0x13e8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:47:03.0964 0x13e8  NetPipeActivator - ok
15:47:03.0995 0x13e8  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
15:47:04.0010 0x13e8  netprofm - ok
15:47:04.0042 0x13e8  [ A013222A9A890DDAAC967DEBADE59EAD, A36EDE54BFF1204981BABA185926718FFFEA72DDE6DB21A4869A0A1B016CD7F6 ] netr28          C:\Windows\system32\DRIVERS\netr28.sys
15:47:04.0057 0x13e8  netr28 - ok
15:47:04.0057 0x13e8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:47:04.0073 0x13e8  NetTcpActivator - ok
15:47:04.0073 0x13e8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:47:04.0073 0x13e8  NetTcpPortSharing - ok
15:47:04.0135 0x13e8  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:47:04.0135 0x13e8  nfrd960 - ok
15:47:04.0182 0x13e8  [ 94B8279FC0E27A8253944DFA47FC4A83, D799003BD163200F7DE0EC882756EF08AA70C45BF0518E3BC6DB8B8FB74BF663 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:47:04.0182 0x13e8  NisDrv - ok
15:47:04.0229 0x13e8  [ 1452F52471F2DC1515DD6C35B42FF06E, 57A2858B24D0C9C229A4C76F85DB453E867921C2B4E41835211C4EB5EBE99DE8 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
15:47:04.0229 0x13e8  NisSrv - ok
15:47:04.0291 0x13e8  [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:47:04.0307 0x13e8  NlaSvc - ok
15:47:04.0338 0x13e8  [ A00877C05933FBA8AFB3390DD72D4679, 684D9642173C4BF4B752F259D5E89F16BC8B4B1608F1E6E176AA692A9775CE38 ] nmwcd           C:\Windows\system32\drivers\ccdcmb.sys
15:47:04.0338 0x13e8  nmwcd - ok
15:47:04.0354 0x13e8  [ 9FF15F18E4E8758AC57BDB910D0238B3, F27C40BDD3818C54E1099AD525C7C19B424E0C4676DB366DE0E905CA3F82A310 ] nmwcdc          C:\Windows\system32\drivers\ccdcmbo.sys
15:47:04.0354 0x13e8  nmwcdc - ok
15:47:04.0385 0x13e8  [ B0575681498D75E0C0432200702B4A0A, EE6037B038265562A4F59E92A9F665C7A8AA8E8C5DEB3481F1F7B6D39A4E4954 ] nmwcdnsu        C:\Windows\system32\drivers\nmwcdnsu.sys
15:47:04.0400 0x13e8  nmwcdnsu - ok
15:47:04.0416 0x13e8  [ 9699486E10F89163979FCD48A40FE805, 04D05666920C91106FFF60F1DCE7D8B89F6F1419D0035A5BF7AB5F0BA5C39B31 ] nmwcdnsuc       C:\Windows\system32\drivers\nmwcdnsuc.sys
15:47:04.0416 0x13e8  nmwcdnsuc - ok
15:47:04.0432 0x13e8  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:47:04.0432 0x13e8  Npfs - ok
15:47:04.0494 0x13e8  [ 6D8D2E5652FC2442C810C5D8BE784148, 013FF4FA03CA2E066B1946CC09889616B243068BA0FB2E58D4C1435BF66FBC87 ] NSCIRDA         C:\Windows\system32\DRIVERS\nscirda.sys
15:47:04.0572 0x13e8  NSCIRDA - ok
15:47:04.0603 0x13e8  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
15:47:04.0603 0x13e8  nsi - ok
15:47:04.0634 0x13e8  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:47:04.0634 0x13e8  nsiproxy - ok
15:47:04.0697 0x13e8  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:47:04.0728 0x13e8  Ntfs - ok
15:47:04.0775 0x13e8  [ 2757D2BA59AEE155209E24942AB127C9, 60C8571D548901A68591F1C7C548B40FA1086D21D23B8CB1083A8AE50760FE87 ] NTIDrvr         C:\Windows\system32\DRIVERS\NTIDrvr.sys
15:47:04.0822 0x13e8  NTIDrvr - ok
15:47:04.0853 0x13e8  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
15:47:04.0853 0x13e8  ntrigdigi - ok
15:47:04.0868 0x13e8  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
15:47:04.0868 0x13e8  Null - ok
15:47:04.0868 0x13e8  [ 85D8845B7B6A434B7CE35723BF0E5C57, F10026F2F63F4852D9E174E1D4E0345BB5080A20370F7F350F5D5951CD52F5BC ] nuvotonhidgeneric C:\Windows\system32\DRIVERS\nuvotonhidgeneric.sys
15:47:04.0868 0x13e8  nuvotonhidgeneric - ok
15:47:04.0915 0x13e8  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:47:04.0915 0x13e8  nvraid - ok
15:47:04.0931 0x13e8  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:47:04.0931 0x13e8  nvstor - ok
15:47:04.0946 0x13e8  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:47:04.0962 0x13e8  nv_agp - ok
15:47:04.0962 0x13e8  NwlnkFlt - ok
15:47:04.0962 0x13e8  NwlnkFwd - ok
15:47:05.0024 0x13e8  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:47:05.0056 0x13e8  odserv - ok
15:47:05.0071 0x13e8  [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD114282E580FAD530A9C ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
15:47:05.0087 0x13e8  ohci1394 - ok
15:47:05.0118 0x13e8  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:47:05.0118 0x13e8  ose - ok
15:47:05.0196 0x13e8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
15:47:05.0212 0x13e8  p2pimsvc - ok
15:47:05.0258 0x13e8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:47:05.0274 0x13e8  p2psvc - ok
15:47:05.0305 0x13e8  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
15:47:05.0305 0x13e8  Parport - ok
15:47:05.0352 0x13e8  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:47:05.0352 0x13e8  partmgr - ok
15:47:05.0368 0x13e8  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
15:47:05.0368 0x13e8  Parvdm - ok
15:47:05.0414 0x13e8  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:47:05.0414 0x13e8  PcaSvc - ok
15:47:05.0461 0x13e8  [ F451DCACBAA67F3307305EBD4A39EA07, C4435BF4C2D16F3DC0B35732BE3602FFA28DB0A5BC5576F45E0D32E5F4CD2DEA ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
15:47:05.0461 0x13e8  pccsmcfd - ok
15:47:05.0492 0x13e8  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
15:47:05.0492 0x13e8  pci - ok
15:47:05.0524 0x13e8  [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:47:05.0524 0x13e8  pciide - ok
15:47:05.0555 0x13e8  [ B7C5A8769541900F6DFA6FE0C5E4D513, 1885FE8AE9D6929E8B43D674B43B7B3FEAA25AF6E45973A0B49CBA7B9CBA34C4 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:47:05.0555 0x13e8  pcmcia - ok
15:47:05.0617 0x13e8  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:47:05.0633 0x13e8  PEAUTH - ok
15:47:05.0742 0x13e8  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
15:47:05.0804 0x13e8  pla - ok
15:47:05.0836 0x13e8  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:47:05.0851 0x13e8  PlugPlay - ok
15:47:05.0882 0x13e8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
15:47:05.0898 0x13e8  PNRPAutoReg - ok
15:47:05.0945 0x13e8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
15:47:05.0960 0x13e8  PNRPsvc - ok
15:47:05.0992 0x13e8  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:47:06.0007 0x13e8  PolicyAgent - ok
15:47:06.0054 0x13e8  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:47:06.0054 0x13e8  PptpMiniport - ok
15:47:06.0085 0x13e8  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
15:47:06.0085 0x13e8  Processor - ok
15:47:06.0148 0x13e8  [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:47:06.0163 0x13e8  ProfSvc - ok
15:47:06.0194 0x13e8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
15:47:06.0194 0x13e8  ProtectedStorage - ok
15:47:06.0226 0x13e8  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
15:47:06.0226 0x13e8  PSched - ok
15:47:06.0288 0x13e8  [ 628321C8DD76AD369B362B202E655A68, 751756AB21D5C1885EF74C3878C5625860AF2934920DA015237D614399976C5A ] PSDFilter       C:\Windows\system32\DRIVERS\psdfilter.sys
15:47:06.0288 0x13e8  PSDFilter - ok
15:47:06.0319 0x13e8  [ 79D7117E62709C7690CF3DD55ACEAD37, BB05CD9B7B966AD5B26DA8647CCB0FD0786CDD3C7BB22FCEE5005CD4A253FBD9 ] PSDNServ        C:\Windows\system32\DRIVERS\PSDNServ.sys
15:47:06.0319 0x13e8  PSDNServ - ok
15:47:06.0350 0x13e8  [ CAE5E82827990CF4BD4A49576BDE3A43, 3A8B9CF9A8F50337F164F4996AB05602EEA403054577253FFFFEBB0B70F77208 ] psdvdisk        C:\Windows\system32\DRIVERS\PSDVdisk.sys
15:47:06.0350 0x13e8  psdvdisk - ok
15:47:06.0350 0x13e8  [ D24DFD16A1E2A76034DF5AA18125C35D, BB1F2BB3EB69DE742AA8ED33DCB572888BC473182E0F7DA860CB57903C9924A6 ] PSI             C:\Windows\system32\DRIVERS\psi_mf.sys
15:47:06.0397 0x13e8  PSI - ok
15:47:06.0475 0x13e8  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:47:06.0538 0x13e8  ql2300 - ok
15:47:06.0584 0x13e8  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:47:06.0584 0x13e8  ql40xx - ok
15:47:06.0647 0x13e8  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
15:47:06.0662 0x13e8  QWAVE - ok
15:47:06.0678 0x13e8  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:47:06.0678 0x13e8  QWAVEdrv - ok
15:47:06.0694 0x13e8  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:47:06.0694 0x13e8  RasAcd - ok
15:47:06.0725 0x13e8  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
15:47:06.0725 0x13e8  RasAuto - ok
15:47:06.0756 0x13e8  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:47:06.0756 0x13e8  Rasl2tp - ok
15:47:06.0803 0x13e8  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
15:47:06.0818 0x13e8  RasMan - ok
15:47:06.0818 0x13e8  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:47:06.0834 0x13e8  RasPppoe - ok
15:47:06.0834 0x13e8  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:47:06.0834 0x13e8  RasSstp - ok
15:47:06.0865 0x13e8  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:47:06.0865 0x13e8  rdbss - ok
15:47:06.0896 0x13e8  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:47:06.0896 0x13e8  RDPCDD - ok
15:47:06.0928 0x13e8  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
15:47:06.0928 0x13e8  rdpdr - ok
15:47:06.0943 0x13e8  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:47:06.0943 0x13e8  RDPENCDD - ok
15:47:06.0990 0x13e8  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:47:06.0990 0x13e8  RDPWD - ok
15:47:07.0052 0x13e8  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:47:07.0068 0x13e8  RemoteAccess - ok
15:47:07.0084 0x13e8  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:47:07.0084 0x13e8  RemoteRegistry - ok
15:47:07.0162 0x13e8  [ 17E0BEF5CA5C9CE52CC8082AC6EBC449, F05A32DA0A62144AAE78A3A9173F21F52FAED4E39F9250B3E1B11066760B2576 ] RichVideo       c:\Program Files\Cyberlink\Shared files\RichVideo.exe
15:47:07.0177 0x13e8  RichVideo - ok
15:47:07.0208 0x13e8  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
15:47:07.0208 0x13e8  RpcLocator - ok
15:47:07.0255 0x13e8  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
15:47:07.0271 0x13e8  RpcSs - ok
15:47:07.0302 0x13e8  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:47:07.0302 0x13e8  rspndr - ok
15:47:07.0333 0x13e8  [ 065A51298212455584F1811B033B617E, 74FE455F7415A8D2199C92ED3F3A0190878FDBAFBCA2127D70643A215548AAF3 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
15:47:07.0396 0x13e8  RTHDMIAzAudService - ok
15:47:07.0427 0x13e8  [ 8DAB5975B5C7923D61506A48E251DBAD, 34C197BDBFEB676ED7C0262E27EF9190E684A47E4DBFDFA889958966406F9862 ] RTSTOR          C:\Windows\system32\drivers\RTSTOR.SYS
15:47:07.0427 0x13e8  RTSTOR - ok
15:47:07.0442 0x13e8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
15:47:07.0442 0x13e8  SamSs - ok
15:47:07.0520 0x13e8  [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
15:47:07.0520 0x13e8  SASDIFSV - ok
15:47:07.0536 0x13e8  [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
15:47:07.0536 0x13e8  SASKUTIL - ok
15:47:07.0567 0x13e8  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:47:07.0567 0x13e8  sbp2port - ok
15:47:07.0598 0x13e8  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:47:07.0614 0x13e8  SCardSvr - ok
15:47:07.0676 0x13e8  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
15:47:07.0692 0x13e8  Schedule - ok
15:47:07.0739 0x13e8  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:47:07.0739 0x13e8  SCPolicySvc - ok
15:47:07.0754 0x13e8  [ 126EA89BCC413EE45E3004FB0764888F, 367BE2B56113177AE867E00D019C707C6449E0FC4A642101B11036A0534D6901 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
15:47:07.0754 0x13e8  sdbus - ok
15:47:07.0801 0x13e8  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:47:07.0801 0x13e8  SDRSVC - ok
15:47:07.0942 0x13e8  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
15:47:07.0973 0x13e8  SDScannerService - ok
15:47:08.0082 0x13e8  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
15:47:08.0129 0x13e8  SDUpdateService - ok
15:47:08.0144 0x13e8  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
15:47:08.0160 0x13e8  SDWSCService - ok
15:47:08.0191 0x13e8  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:47:08.0207 0x13e8  secdrv - ok
15:47:08.0238 0x13e8  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
15:47:08.0238 0x13e8  seclogon - ok
15:47:08.0332 0x13e8  [ 9044795E9D1A912D5F1B8DF6211850FD, 9AFE4E9B5C3E7F911A3E0397678CB1783C99AFB0964D104676B71A0C46CB08A4 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
15:47:08.0394 0x13e8  Secunia PSI Agent - ok
15:47:08.0441 0x13e8  [ 8B1A72E4FB63A9C068B08E1F9B70482A, 32A529B3595C95A4306B7A4C199940F88D56B5563BE040478AF1963BBDED0394 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
15:47:08.0456 0x13e8  Secunia Update Agent - ok
15:47:08.0472 0x13e8  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\system32\sens.dll
15:47:08.0472 0x13e8  SENS - ok
15:47:08.0519 0x13e8  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:47:08.0519 0x13e8  Serenum - ok
15:47:08.0534 0x13e8  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
15:47:08.0534 0x13e8  Serial - ok
15:47:08.0550 0x13e8  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:47:08.0566 0x13e8  sermouse - ok
15:47:08.0659 0x13e8  [ 78F7BB9F4924BE164294C59B8C3FC096, 75051A6A8B0DBB16CD70855A408134270EEAF0C127BAAE5B592DB53BB87C085B ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
15:47:08.0690 0x13e8  ServiceLayer - ok
15:47:08.0768 0x13e8  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:47:08.0768 0x13e8  SessionEnv - ok
15:47:08.0800 0x13e8  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:47:08.0815 0x13e8  sffdisk - ok
15:47:08.0815 0x13e8  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:47:08.0831 0x13e8  sffp_mmc - ok
15:47:08.0846 0x13e8  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:47:08.0846 0x13e8  sffp_sd - ok
15:47:08.0878 0x13e8  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:47:08.0878 0x13e8  sfloppy - ok
15:47:08.0940 0x13e8  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:47:08.0940 0x13e8  SharedAccess - ok
15:47:09.0018 0x13e8  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:47:09.0034 0x13e8  ShellHWDetection - ok
15:47:09.0049 0x13e8  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
15:47:09.0049 0x13e8  sisagp - ok
15:47:09.0065 0x13e8  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
15:47:09.0065 0x13e8  SiSRaid2 - ok
15:47:09.0080 0x13e8  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:47:09.0096 0x13e8  SiSRaid4 - ok
15:47:09.0252 0x13e8  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
15:47:09.0330 0x13e8  slsvc - ok
15:47:09.0408 0x13e8  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
15:47:09.0408 0x13e8  SLUINotify - ok
15:47:09.0439 0x13e8  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:47:09.0455 0x13e8  Smb - ok
15:47:09.0486 0x13e8  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:47:09.0502 0x13e8  SNMPTRAP - ok
15:47:09.0533 0x13e8  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:47:09.0533 0x13e8  spldr - ok
15:47:09.0564 0x13e8  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
15:47:09.0564 0x13e8  Spooler - ok
15:47:09.0611 0x13e8  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:47:09.0611 0x13e8  srv - ok
15:47:09.0642 0x13e8  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:47:09.0658 0x13e8  srv2 - ok
15:47:09.0658 0x13e8  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:47:09.0673 0x13e8  srvnet - ok
15:47:09.0689 0x13e8  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:47:09.0689 0x13e8  SSDPSRV - ok
15:47:09.0751 0x13e8  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:47:09.0751 0x13e8  SstpSvc - ok
15:47:09.0814 0x13e8  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
15:47:09.0814 0x13e8  stisvc - ok
15:47:09.0845 0x13e8  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:47:09.0860 0x13e8  swenum - ok
15:47:09.0892 0x13e8  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
15:47:09.0892 0x13e8  swprv - ok
15:47:09.0938 0x13e8  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
15:47:09.0938 0x13e8  Symc8xx - ok
15:47:09.0954 0x13e8  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
15:47:09.0970 0x13e8  Sym_hi - ok
15:47:09.0985 0x13e8  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
15:47:09.0985 0x13e8  Sym_u3 - ok
15:47:10.0032 0x13e8  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
15:47:10.0048 0x13e8  SysMain - ok
15:47:10.0188 0x13e8  [ F7CE757FE4EA0641483A5725F5E26194, 9B17DA41DC3E5B421EA0D9582D6FC2B9384855026CFE29ABF01300C58EB325ED ] SystemExplorerHelpService C:\Program Files\System Explorer\service\SystemExplorerService.exe
15:47:10.0204 0x13e8  SystemExplorerHelpService - ok
15:47:10.0235 0x13e8  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:47:10.0235 0x13e8  TabletInputService - ok
15:47:10.0266 0x13e8  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:47:10.0266 0x13e8  TapiSrv - ok
15:47:10.0297 0x13e8  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
15:47:10.0313 0x13e8  TBS - ok
15:47:10.0375 0x13e8  [ A4196D394207369E1431E8681B373312, BEF96BAB70FDF94F8CB2942BDEA9B4D934443E5305E3FD737809C3F7524B1E8E ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:47:10.0406 0x13e8  Tcpip - ok
15:47:10.0453 0x13e8  [ A4196D394207369E1431E8681B373312, BEF96BAB70FDF94F8CB2942BDEA9B4D934443E5305E3FD737809C3F7524B1E8E ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
15:47:10.0469 0x13e8  Tcpip6 - ok
15:47:10.0516 0x13e8  [ 95389980F70FC4990A4395A0B8BBE1D6, FB5CBC85733A4EC4FB9F210A5D4E5989F6A3F2995D895F5B41163CDFC04DB82C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:47:10.0516 0x13e8  tcpipreg - ok
15:47:10.0578 0x13e8  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:47:10.0578 0x13e8  TDPIPE - ok
15:47:10.0609 0x13e8  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:47:10.0609 0x13e8  TDTCP - ok
15:47:10.0625 0x13e8  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:47:10.0625 0x13e8  tdx - ok
15:47:10.0656 0x13e8  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:47:10.0672 0x13e8  TermDD - ok
15:47:10.0703 0x13e8  [ DBD84E59D631569EC3E756EF144E8431, 9E58629EC762584A2D294A619593620626F7CBE467045AD0F920B6CF1D4B4724 ] TermService     C:\Windows\System32\termsrv.dll
15:47:10.0718 0x13e8  TermService - ok
15:47:10.0750 0x13e8  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
15:47:10.0765 0x13e8  Themes - ok
15:47:10.0796 0x13e8  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
15:47:10.0796 0x13e8  THREADORDER - ok
15:47:10.0843 0x13e8  [ E4FAD21646088D79F8889B6531396ACF, D0C8F0E3293D423245FD2233F283A1FE2463E15F8B9F4ED6AC96C2164EC51F75 ] TomTomHOMEService D:\STRABAG TomTom Home 2\TomTomHOMEService.exe
15:47:10.0859 0x13e8  TomTomHOMEService - ok
15:47:10.0890 0x13e8  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
15:47:10.0906 0x13e8  TrkWks - ok
15:47:10.0968 0x13e8  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:47:10.0968 0x13e8  TrustedInstaller - ok
15:47:11.0015 0x13e8  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:47:11.0015 0x13e8  tssecsrv - ok
15:47:11.0171 0x13e8  [ DFE6CCE27C5CCC3C00D660226050E76D, BA2679363D00F7FCCB6AB751BC79298187BD4FA03D697E313DAF088CE06FF5B3 ] TuneUp.UtilitiesSvc C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
15:47:11.0202 0x13e8  TuneUp.UtilitiesSvc - ok
15:47:11.0233 0x13e8  [ E5049C43601473B5A909058596111229, 96CFE481F767C66FA2877594384086C1BE8B2BADBF12DBF4CB72CF73898D0876 ] TuneUpUtilitiesDrv C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys
15:47:11.0233 0x13e8  TuneUpUtilitiesDrv - ok
15:47:11.0249 0x13e8  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
15:47:11.0264 0x13e8  tunmp - ok
15:47:11.0280 0x13e8  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:47:11.0280 0x13e8  tunnel - ok
15:47:11.0311 0x13e8  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:47:11.0311 0x13e8  uagp35 - ok
15:47:11.0342 0x13e8  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:47:11.0342 0x13e8  udfs - ok
15:47:11.0405 0x13e8  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:47:11.0405 0x13e8  UI0Detect - ok
15:47:11.0436 0x13e8  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:47:11.0436 0x13e8  uliagpkx - ok
15:47:11.0452 0x13e8  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
15:47:11.0467 0x13e8  uliahci - ok
15:47:11.0514 0x13e8  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
15:47:11.0530 0x13e8  UlSata - ok
15:47:11.0545 0x13e8  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
15:47:11.0545 0x13e8  ulsata2 - ok
15:47:11.0576 0x13e8  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:47:11.0576 0x13e8  umbus - ok
15:47:11.0623 0x13e8  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
15:47:11.0623 0x13e8  upnphost - ok
15:47:11.0670 0x13e8  [ 8721F55D8BC9F89E3A63CEBDF5EF4FA3, C0C82480014B646709869A6A6FA2B71B993F9FCD8E2DB9E8F7D341C21EE169CF ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
15:47:11.0670 0x13e8  upperdev - ok
15:47:11.0717 0x13e8  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:47:11.0717 0x13e8  usbccgp - ok
15:47:11.0732 0x13e8  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:47:11.0732 0x13e8  usbcir - ok
15:47:11.0764 0x13e8  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:47:11.0764 0x13e8  usbehci - ok
15:47:11.0779 0x13e8  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:47:11.0779 0x13e8  usbhub - ok
15:47:11.0810 0x13e8  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:47:11.0810 0x13e8  usbohci - ok
15:47:11.0842 0x13e8  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:47:11.0842 0x13e8  usbprint - ok
15:47:11.0873 0x13e8  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:47:11.0873 0x13e8  usbscan - ok
15:47:11.0904 0x13e8  [ 8E6C378A885D6FFDA8F05E8D27B95C0E, 351F20B1CB510F7B6B9321EB6C7A97446EF963A89F19F7E7A9CF41381B4B19FF ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
15:47:11.0904 0x13e8  usbser - ok
15:47:11.0920 0x13e8  [ 4E66C71D8D010BFB0DF1042D25E9CB0F, E581ED3557A06FEE7F35DF1C18C7D74FEFD1FC5E6CDAD6692F66F4A033830F1C ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
15:47:11.0920 0x13e8  UsbserFilt - ok
15:47:11.0951 0x13e8  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:47:11.0951 0x13e8  USBSTOR - ok
15:47:11.0966 0x13e8  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
15:47:11.0966 0x13e8  usbuhci - ok
15:47:12.0013 0x13e8  [ 73FF24E21B690625A58109637DDA0DF7, 62B1F9CD82678E2110D4BB5CC86EE8A7AB0757681443916620B6AAA1EF0DECEB ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
15:47:12.0013 0x13e8  usbvideo - ok
15:47:12.0060 0x13e8  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
15:47:12.0060 0x13e8  UxSms - ok
15:47:12.0122 0x13e8  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
15:47:12.0138 0x13e8  vds - ok
15:47:12.0185 0x13e8  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:47:12.0185 0x13e8  vga - ok
15:47:12.0200 0x13e8  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:47:12.0200 0x13e8  VgaSave - ok
15:47:12.0216 0x13e8  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
15:47:12.0216 0x13e8  viaagp - ok
15:47:12.0232 0x13e8  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
15:47:12.0232 0x13e8  ViaC7 - ok
15:47:12.0278 0x13e8  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
15:47:12.0278 0x13e8  viaide - ok
15:47:12.0294 0x13e8  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:47:12.0294 0x13e8  volmgr - ok
15:47:12.0310 0x13e8  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:47:12.0325 0x13e8  volmgrx - ok
15:47:12.0341 0x13e8  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:47:12.0356 0x13e8  volsnap - ok
15:47:12.0372 0x13e8  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:47:12.0372 0x13e8  vsmraid - ok
15:47:12.0434 0x13e8  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
15:47:12.0466 0x13e8  VSS - ok
15:47:12.0528 0x13e8  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
15:47:12.0544 0x13e8  W32Time - ok
15:47:12.0590 0x13e8  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:47:12.0590 0x13e8  WacomPen - ok
15:47:12.0606 0x13e8  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
15:47:12.0606 0x13e8  Wanarp - ok
15:47:12.0622 0x13e8  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:47:12.0622 0x13e8  Wanarpv6 - ok
15:47:12.0668 0x13e8  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:47:12.0684 0x13e8  wcncsvc - ok
15:47:12.0715 0x13e8  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:47:12.0715 0x13e8  WcsPlugInService - ok
15:47:12.0746 0x13e8  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
15:47:12.0746 0x13e8  Wd - ok
15:47:12.0793 0x13e8  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:47:12.0809 0x13e8  Wdf01000 - ok
15:47:12.0840 0x13e8  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:47:12.0840 0x13e8  WdiServiceHost - ok
15:47:12.0856 0x13e8  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:47:12.0856 0x13e8  WdiSystemHost - ok
15:47:12.0887 0x13e8  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
15:47:12.0902 0x13e8  WebClient - ok
15:47:12.0965 0x13e8  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:47:12.0965 0x13e8  Wecsvc - ok
15:47:12.0980 0x13e8  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:47:12.0980 0x13e8  wercplsupport - ok
15:47:13.0027 0x13e8  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:47:13.0027 0x13e8  WerSvc - ok
15:47:13.0074 0x13e8  [ 5A77AC34A0FFB70CE8B35B524FEDE9BA, 711DD957AF98F1B835ECE0FEBCCF8FCC7763F1DAA232F1C9E80DE6DA123C7F33 ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys
15:47:13.0090 0x13e8  winachsf - ok
15:47:13.0214 0x13e8  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
15:47:13.0214 0x13e8  WinDefend - ok
15:47:13.0230 0x13e8  WinHttpAutoProxySvc - ok
15:47:13.0308 0x13e8  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:47:13.0324 0x13e8  Winmgmt - ok
15:47:13.0402 0x13e8  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:47:13.0417 0x13e8  WinRM - ok
15:47:13.0495 0x13e8  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:47:13.0511 0x13e8  Wlansvc - ok
15:47:13.0526 0x13e8  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:47:13.0526 0x13e8  WmiAcpi - ok
15:47:13.0573 0x13e8  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:47:13.0573 0x13e8  wmiApSrv - ok
15:47:13.0636 0x13e8  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
15:47:13.0667 0x13e8  WMPNetworkSvc - ok
15:47:13.0714 0x13e8  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:47:13.0729 0x13e8  WPCSvc - ok
15:47:13.0760 0x13e8  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:47:13.0776 0x13e8  WPDBusEnum - ok
15:47:13.0807 0x13e8  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
15:47:13.0807 0x13e8  WpdUsb - ok
15:47:13.0885 0x13e8  [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:47:13.0901 0x13e8  WPFFontCache_v0400 - ok
15:47:13.0932 0x13e8  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:47:13.0932 0x13e8  ws2ifsl - ok
15:47:13.0948 0x13e8  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\system32\wscsvc.dll
15:47:13.0963 0x13e8  wscsvc - ok
15:47:13.0963 0x13e8  WSearch - ok
15:47:14.0057 0x13e8  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:47:14.0104 0x13e8  wuauserv - ok
15:47:14.0150 0x13e8  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:47:14.0150 0x13e8  WudfPf - ok
15:47:14.0197 0x13e8  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:47:14.0197 0x13e8  WUDFRd - ok
15:47:14.0244 0x13e8  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:47:14.0244 0x13e8  wudfsvc - ok
15:47:14.0275 0x13e8  [ 88AF537264F2B818DA15479CEEAF5D7C, E0F95D6448FFB77351BB63ED444238F891B16748FD09F8BCCA23BEC4E341A96B ] XAudio          C:\Windows\system32\DRIVERS\xaudio.sys
15:47:14.0275 0x13e8  XAudio - ok
15:47:14.0291 0x13e8  [ 15A317674A08DF26BE65164D959E9203, 6EEE0D1711F37936D157651E265A65137BCBFBDA17F066C844BAA0D53558F86A ] XAudioService   C:\Windows\system32\DRIVERS\xaudio.exe
15:47:14.0306 0x13e8  XAudioService - ok
15:47:14.0322 0x13e8  ================ Scan global ===============================
15:47:14.0384 0x13e8  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
15:47:14.0447 0x13e8  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
15:47:14.0494 0x13e8  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
15:47:14.0540 0x13e8  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
15:47:14.0556 0x13e8  [ Global ] - ok
15:47:14.0556 0x13e8  ================ Scan MBR ==================================
15:47:14.0572 0x13e8  [ 27A811553A4F7A6A891CA99FFAE128F7 ] \Device\Harddisk0\DR0
15:47:15.0133 0x13e8  \Device\Harddisk0\DR0 - ok
15:47:15.0133 0x13e8  ================ Scan VBR ==================================
15:47:15.0149 0x13e8  [ 3085134B9FBE51B698BA4CF77D9EAC35 ] \Device\Harddisk0\DR0\Partition1
15:47:15.0180 0x13e8  \Device\Harddisk0\DR0\Partition1 - ok
15:47:15.0196 0x13e8  [ CE2F1EA48324CAEC4F66A639E4CCE59E ] \Device\Harddisk0\DR0\Partition2
15:47:15.0227 0x13e8  \Device\Harddisk0\DR0\Partition2 - ok
15:47:15.0227 0x13e8  ================ Scan generic autorun ======================
15:47:15.0289 0x13e8  [ CF28CEEEFA8253E4704ADD61573B792F, A73356BAB83345EE665F8B48FD586819B2A44B7DCB8B8D11C8F34B0B2F332DC3 ] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
15:47:15.0305 0x13e8  WinPatrol - ok
15:47:15.0398 0x13e8  [ BBD1BA710A00842064BA038570C13CB2, 155FABD8323C95932C9F552E8827A87356E9FCED471B8F5E06466F920EEB56A4 ] C:\Program Files\Microsoft Security Client\msseces.exe
15:47:15.0414 0x13e8  MSC - ok
15:47:15.0601 0x13e8  [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
15:47:15.0679 0x13e8  SDTray - ok
15:47:15.0835 0x13e8  [ C96005419013D688C22DA72D3B46BC4C, FCBE76E81E2C1F6512D2E0F9DD437FA625D0FC297B5634E5B47E1FE4B71707CD ] C:\Program Files\System Explorer\SystemExplorer.exe
15:47:15.0898 0x13e8  SystemExplorerAutoStart - ok
15:47:15.0991 0x13e8  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe
15:47:16.0007 0x13e8  WMPNSCFG - ok
15:47:16.0054 0x13e8  [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
15:47:16.0054 0x13e8  ehTray.exe - ok
15:47:16.0319 0x13e8  [ 064E24C715648566C77A9716F736CBE6, 201492A506A116EFADFFC72E60C960010AC978237AD2A98BB203989F89ACEA89 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
15:47:16.0459 0x13e8  SUPERAntiSpyware - ok
15:47:16.0475 0x13e8  WindowsWelcomeCenter - ok
15:47:16.0553 0x13e8  [ 3EBFE205F79CA1C5DF01E85436427278, A03C4D858DC23A88DB6127A843FB0FEE2138FB74017973243A96F84F361FC230 ] C:\Program Files\Acer\WR_PopUp\ProductReg.exe
15:47:16.0646 0x13e8  ProductReg - ok
15:47:16.0662 0x13e8  AV detected via SS2: AVG Internet Security 2015, C:\Program Files\AVG\AVG2015\avgwsc.exe ( 15.0.0.5645 ), 0x41000 ( enabled : updated )
15:47:16.0662 0x13e8  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.7.205.0 ), 0x61000 ( enabled : updated )
15:47:16.0662 0x13e8  FW detected via SS2: AVG Internet Security 2015, C:\Program Files\AVG\AVG2015\avgwsc.exe ( 15.0.0.5645 ), 0x41010 ( enabled )
15:47:16.0678 0x13e8  ============================================================
15:47:16.0678 0x13e8  Scan finished
15:47:16.0678 0x13e8  ============================================================
15:47:16.0678 0x1768  Detected object count: 0
15:47:16.0678 0x1768  Actual detected object count: 0
15:51:15.0685 0x1550  KLMD registered as C:\Windows\system32\drivers\26804973.sys
15:51:17.0308 0x1550  Deinitialize success


Alt 02.04.2015, 15:50   #6
petertroj
 
malware aal entfernen Antivir -Programme erkennen nichts - Standard

malware aal entfernen Antivir -Programme erkennen nichts


tdssKiller log 02.04.15, 16.02 h

Code:
ATTFilter
15:57:28.0211 0x045c  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
15:57:31.0784 0x045c  ============================================================
15:57:31.0784 0x045c  Current date / time: 2015/04/02 15:57:31.0784
15:57:31.0784 0x045c  SystemInfo:
15:57:31.0784 0x045c  
15:57:31.0784 0x045c  OS Version: 6.0.6002 ServicePack: 2.0
15:57:31.0784 0x045c  Product type: Workstation
15:57:31.0784 0x045c  ComputerName: PETER-VERA-PC
15:57:31.0784 0x045c  UserName: peter
15:57:31.0784 0x045c  Windows directory: C:\Windows
15:57:31.0784 0x045c  System windows directory: C:\Windows
15:57:31.0784 0x045c  Processor architecture: Intel x86
15:57:31.0784 0x045c  Number of processors: 2
15:57:31.0784 0x045c  Page size: 0x1000
15:57:31.0784 0x045c  Boot type: Normal boot
15:57:31.0784 0x045c  ============================================================
15:57:31.0831 0x045c  BG loaded
15:57:32.0299 0x045c  System UUID: {809D2086-A496-CA25-0DE1-044877288803}
15:57:33.0406 0x045c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:57:33.0406 0x045c  ============================================================
15:57:33.0406 0x045c  \Device\Harddisk0\DR0:
15:57:33.0406 0x045c  MBR partitions:
15:57:33.0406 0x045c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x157C800, BlocksNum 0x1C3FB800
15:57:33.0406 0x045c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D978000, BlocksNum 0x1C40D800
15:57:33.0406 0x045c  ============================================================
15:57:33.0484 0x045c  C: <-> \Device\Harddisk0\DR0\Partition1
15:57:33.0547 0x045c  D: <-> \Device\Harddisk0\DR0\Partition2
15:57:33.0547 0x045c  ============================================================
15:57:33.0547 0x045c  Initialize success
15:57:33.0547 0x045c  ============================================================
15:57:44.0482 0x0ca8  ============================================================
15:57:44.0482 0x0ca8  Scan started
15:57:44.0482 0x0ca8  Mode: Manual; SigCheck; TDLFS; 
15:57:44.0482 0x0ca8  ============================================================
15:57:44.0482 0x0ca8  KSN ping started
15:57:44.0513 0x0ca8  KSN ping finished: false
15:57:46.0775 0x0ca8  ================ Scan system memory ========================
15:57:46.0775 0x0ca8  System memory - ok
15:57:46.0775 0x0ca8  ================ Scan services =============================
15:57:46.0978 0x0ca8  [ 72D6D8E2D4F82C6E829125C7EC2A88F9, F357CFC3D04EB3F8E1A504D531D099698C6E2B29EB6CEDF75C08BF8917C46573 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
15:57:47.0150 0x0ca8  !SASCORE - ok
15:57:47.0571 0x0ca8  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
15:57:47.0602 0x0ca8  ACPI - ok
15:57:47.0602 0x0ca8  adfs - ok
15:57:47.0680 0x0ca8  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:57:47.0711 0x0ca8  adp94xx - ok
15:57:47.0727 0x0ca8  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:57:47.0758 0x0ca8  adpahci - ok
15:57:47.0805 0x0ca8  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
15:57:47.0821 0x0ca8  adpu160m - ok
15:57:47.0836 0x0ca8  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:57:47.0852 0x0ca8  adpu320 - ok
15:57:47.0883 0x0ca8  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:57:47.0992 0x0ca8  AeLookupSvc - ok
15:57:48.0023 0x0ca8  [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD             C:\Windows\system32\drivers\afd.sys
15:57:48.0101 0x0ca8  AFD - ok
15:57:48.0117 0x0ca8  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:57:48.0133 0x0ca8  agp440 - ok
15:57:48.0164 0x0ca8  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
15:57:48.0179 0x0ca8  aic78xx - ok
15:57:48.0211 0x0ca8  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
15:57:48.0320 0x0ca8  ALG - ok
15:57:48.0367 0x0ca8  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
15:57:48.0382 0x0ca8  aliide - ok
15:57:48.0398 0x0ca8  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
15:57:48.0413 0x0ca8  amdagp - ok
15:57:48.0429 0x0ca8  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
15:57:48.0445 0x0ca8  amdide - ok
15:57:48.0476 0x0ca8  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
15:57:48.0601 0x0ca8  AmdK7 - ok
15:57:48.0616 0x0ca8  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:57:48.0647 0x0ca8  AmdK8 - ok
15:57:48.0694 0x0ca8  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo         C:\Windows\System32\appinfo.dll
15:57:48.0741 0x0ca8  Appinfo - ok
15:57:48.0772 0x0ca8  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
15:57:48.0788 0x0ca8  arc - ok
15:57:48.0803 0x0ca8  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:57:48.0819 0x0ca8  arcsas - ok
15:57:48.0975 0x0ca8  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:57:48.0991 0x0ca8  aspnet_state - ok
15:57:49.0022 0x0ca8  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:57:49.0069 0x0ca8  AsyncMac - ok
15:57:49.0115 0x0ca8  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
15:57:49.0131 0x0ca8  atapi - ok
15:57:49.0240 0x0ca8  [ 740B9B4140CACCD0513D999EAB488E48, 14DBD7F2681EB4E48239A30E274A2F7D6ED75977BCCDDA20B9A7D7B13167C5ED ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
15:57:49.0334 0x0ca8  Ati External Event Utility - ok
15:57:49.0505 0x0ca8  [ 7526AD10925D1AA9E4E6B0FB393B701F, C3E8F4D99C7A206C48AC5EC79FB7BFD35F4B8CF03DA56B54F2529155AB141566 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
15:57:49.0739 0x0ca8  atikmdag - ok
15:57:49.0817 0x0ca8  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:57:49.0927 0x0ca8  AudioEndpointBuilder - ok
15:57:49.0958 0x0ca8  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
15:57:49.0989 0x0ca8  Audiosrv - ok
15:57:50.0176 0x0ca8  [ CB2C2B24BD7E64CFB2B24D401FF5BBC0, F48ABD9F5BF91BF5F25E6D5EE02647F7DD8E1C1A11FEEE2C1C1B3BD34E3D0F85 ] Avgdiskx        C:\Windows\system32\DRIVERS\avgdiskx.sys
15:57:50.0207 0x0ca8  Avgdiskx - ok
15:57:50.0239 0x0ca8  [ 7F9B01CE297EF4D54C5C4D736D22CF96, 7B13DE8346FE8218CA1D3ECFBD610B0292606318BA863D2C0941B6D3F55FB788 ] Avgfwfd         C:\Windows\system32\DRIVERS\avgfwd6x.sys
15:57:50.0270 0x0ca8  Avgfwfd - ok
15:57:50.0379 0x0ca8  [ D6916995A3736E41224FC757E6520060, 374927C9AA4FDEE2AC4A66323D80F79216B19FFD0D42F252208E9F56FCEEC13C ] avgfws          C:\Program Files\AVG\AVG2015\avgfws.exe
15:57:50.0473 0x0ca8  avgfws - ok
15:57:50.0769 0x0ca8  [ 225B28E9303D375314C744AE181DF95F, 6BC8F19F6B4D901661022CD8F4EA90A8F1895B6B3BD1225B3708E2CBDCAB8D50 ] AVGIDSAgent     C:\Program Files\AVG\AVG2015\avgidsagent.exe
15:57:50.0941 0x0ca8  AVGIDSAgent - ok
15:57:50.0987 0x0ca8  [ EB1AA821F99D5D2DA05511AE8D4704C4, 68AE41B7DA35200B24E27733DC05D9DA1F2D4C98524531AB8F1BD2AB4AFC831C ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdriverx.sys
15:57:51.0003 0x0ca8  AVGIDSDriver - ok
15:57:51.0050 0x0ca8  [ D1663A0114691080C624D857A8343D5B, 8E7029A8FE7A62F4BED7687C54699D0709876D05D93CAA499B4BC69BF8C59091 ] AVGIDSHX        C:\Windows\system32\DRIVERS\avgidshx.sys
15:57:51.0081 0x0ca8  AVGIDSHX - ok
15:57:51.0112 0x0ca8  [ 2429F7F025F63532B6B264D97E4ECA49, EDE2C88B3B4B2A3AC59A3AB0B2FEC1D2CC75AA8AFFF0F5011D07AB4F053390D9 ] AVGIDSShim      C:\Windows\system32\DRIVERS\avgidsshimx.sys
15:57:51.0128 0x0ca8  AVGIDSShim - ok
15:57:51.0175 0x0ca8  [ 9AFD535116E986D49877B811F3665E8E, 6843415ED638BB26A17BE9AB7A49D36070A588088256D4D0D1B4789FBDA6730B ] Avgldx86        C:\Windows\system32\DRIVERS\avgldx86.sys
15:57:51.0190 0x0ca8  Avgldx86 - ok
15:57:51.0253 0x0ca8  [ D94378757947E02AE9BC484DF196A44D, 91B711C07320EFFDB780356EF84D39A06673198C4E0B45EE1D1412B996CB9227 ] Avglogx         C:\Windows\system32\DRIVERS\avglogx.sys
15:57:51.0268 0x0ca8  Avglogx - ok
15:57:51.0299 0x0ca8  [ 35DD83C14AA01F4817BA46A4D6B6A520, 563619CDFC2ACC061C2421091E3527CA3C6C5F595008C5E9E45CFBE954D45841 ] Avgmfx86        C:\Windows\system32\DRIVERS\avgmfx86.sys
15:57:51.0315 0x0ca8  Avgmfx86 - ok
15:57:51.0362 0x0ca8  [ F016B95273E0B1961F204F7FD2FFD811, 9F89323177B68DEDE6B1F09790E6A978376B4FCBDC029283B297A3C4D9B242FF ] Avgrkx86        C:\Windows\system32\DRIVERS\avgrkx86.sys
15:57:51.0377 0x0ca8  Avgrkx86 - ok
15:57:51.0409 0x0ca8  [ 5A22A7A67BFB67D3223B7A339FC97780, 1DADB75B30665866FC93DADDC1EC9F612CD8CE5EC8582BCAF2A527FFDAFF8DBE ] Avgtdix         C:\Windows\system32\DRIVERS\avgtdix.sys
15:57:51.0440 0x0ca8  Avgtdix - ok
15:57:51.0549 0x0ca8  [ 2B38C7E964FA19A298D04CA177FF8B6F, B233B6AD03217AD72A8F4253FDCF182E6007B5D28178F38BDCACBC16BD69D0CB ] avgwd           C:\Program Files\AVG\AVG2015\avgwdsvc.exe
15:57:51.0580 0x0ca8  avgwd - ok
15:57:51.0627 0x0ca8  [ 6FB43F0DADB3FDC287D080C19666AF8D, D2AA2172CEAF5954E4F04728D1BC9EA7C47A20E8918E876287FC766895FB617A ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
15:57:51.0689 0x0ca8  b57nd60x - ok
15:57:51.0705 0x0ca8  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:57:51.0767 0x0ca8  Beep - ok
15:57:51.0814 0x0ca8  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
15:57:51.0877 0x0ca8  BFE - ok
15:57:52.0048 0x0ca8  BIOSCHK - ok
15:57:52.0126 0x0ca8  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\system32\qmgr.dll
15:57:52.0204 0x0ca8  BITS - ok
15:57:52.0235 0x0ca8  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
15:57:52.0298 0x0ca8  blbdrive - ok
15:57:52.0313 0x0ca8  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:57:52.0391 0x0ca8  bowser - ok
15:57:52.0407 0x0ca8  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
15:57:52.0469 0x0ca8  BrFiltLo - ok
15:57:52.0501 0x0ca8  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
15:57:52.0516 0x0ca8  BrFiltUp - ok
15:57:52.0547 0x0ca8  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
15:57:52.0610 0x0ca8  Browser - ok
15:57:52.0625 0x0ca8  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
15:57:52.0781 0x0ca8  Brserid - ok
15:57:52.0813 0x0ca8  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
15:57:52.0891 0x0ca8  BrSerWdm - ok
15:57:52.0922 0x0ca8  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
15:57:52.0969 0x0ca8  BrUsbMdm - ok
15:57:53.0015 0x0ca8  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
15:57:53.0125 0x0ca8  BrUsbSer - ok
15:57:53.0156 0x0ca8  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:57:53.0218 0x0ca8  BTHMODEM - ok
15:57:53.0218 0x0ca8  catchme - ok
15:57:53.0249 0x0ca8  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:57:53.0281 0x0ca8  cdfs - ok
15:57:53.0343 0x0ca8  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:57:53.0374 0x0ca8  cdrom - ok
15:57:53.0405 0x0ca8  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
15:57:53.0483 0x0ca8  CertPropSvc - ok
15:57:53.0483 0x0ca8  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:57:53.0515 0x0ca8  circlass - ok
15:57:53.0546 0x0ca8  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
15:57:53.0577 0x0ca8  CLFS - ok
15:57:53.0733 0x0ca8  [ 8B67044AE0621C005245EF62EEF0746F, 6FF9F96CAB3861AD444596FFF20EBE2BDDD98176392DF98C46C821360B0B1E01 ] CLHNService     C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
15:57:53.0842 0x0ca8  CLHNService - detected UnsignedFile.Multi.Generic ( 1 )
15:57:53.0936 0x0ca8  CLHNService ( UnsignedFile.Multi.Generic ) - warning
15:57:54.0029 0x0ca8  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:57:54.0045 0x0ca8  clr_optimization_v2.0.50727_32 - ok
15:57:54.0092 0x0ca8  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:57:54.0107 0x0ca8  clr_optimization_v4.0.30319_32 - ok
15:57:54.0185 0x0ca8  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:57:54.0373 0x0ca8  CmBatt - ok
15:57:54.0404 0x0ca8  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:57:54.0419 0x0ca8  cmdide - ok
15:57:54.0435 0x0ca8  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:57:54.0451 0x0ca8  Compbatt - ok
15:57:54.0466 0x0ca8  COMSysApp - ok
15:57:54.0482 0x0ca8  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:57:54.0497 0x0ca8  crcdisk - ok
15:57:54.0591 0x0ca8  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
15:57:54.0669 0x0ca8  Crusoe - ok
15:57:54.0747 0x0ca8  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:57:54.0809 0x0ca8  CryptSvc - ok
15:57:54.0919 0x0ca8  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:57:54.0997 0x0ca8  DcomLaunch - ok
15:57:55.0043 0x0ca8  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:57:55.0121 0x0ca8  DfsC - ok
15:57:55.0262 0x0ca8  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
15:57:55.0402 0x0ca8  DFSR - ok
15:57:55.0418 0x0ca8  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
15:57:55.0480 0x0ca8  Dhcp - ok
15:57:55.0496 0x0ca8  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
15:57:55.0527 0x0ca8  disk - ok
15:57:55.0574 0x0ca8  [ 73BAF270D24FE726B9CD7F80BB17A23D, 12ADFB26C16A7D3F623C1A6B72D4C6AB9163EBC93CF13CB2AC6897FB95E96105 ] DKbFltr         C:\Windows\system32\DRIVERS\DKbFltr.sys
15:57:55.0589 0x0ca8  DKbFltr - ok
15:57:55.0621 0x0ca8  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:57:55.0683 0x0ca8  Dnscache - ok
15:57:55.0745 0x0ca8  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
15:57:55.0777 0x0ca8  dot3svc - ok
15:57:55.0823 0x0ca8  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
15:57:55.0901 0x0ca8  DPS - ok
15:57:55.0933 0x0ca8  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:57:55.0995 0x0ca8  drmkaud - ok
15:57:56.0042 0x0ca8  [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:57:56.0073 0x0ca8  DXGKrnl - ok
15:57:56.0104 0x0ca8  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
15:57:56.0182 0x0ca8  E1G60 - ok
15:57:56.0213 0x0ca8  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
15:57:56.0260 0x0ca8  EapHost - ok
15:57:56.0291 0x0ca8  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
15:57:56.0323 0x0ca8  Ecache - ok
15:57:56.0822 0x0ca8  [ B1F2503E23425B386DF0F3413B2596F3, 02FB1FA57679DBFF2E13641AB7C24CC28D5A4CFB0C51B7A617D3A3A406B8DF0C ] eDataSecurity Service C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
15:57:56.0837 0x0ca8  eDataSecurity Service - ok
15:57:56.0962 0x0ca8  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:57:57.0040 0x0ca8  ehRecvr - ok
15:57:57.0087 0x0ca8  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
15:57:57.0149 0x0ca8  ehSched - ok
15:57:57.0196 0x0ca8  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
15:57:57.0212 0x0ca8  ehstart - ok
15:57:57.0290 0x0ca8  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:57:57.0321 0x0ca8  elxstor - ok
15:57:57.0383 0x0ca8  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
15:57:57.0446 0x0ca8  EMDMgmt - ok
15:57:57.0493 0x0ca8  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:57:57.0539 0x0ca8  ErrDev - ok
15:57:57.0586 0x0ca8  [ F25247D0E011A643EE60052CE23BE05E, 6C4957D0D2F63C10AD5AFB14CC99D7A94AC6FEF69168F5F09973B883EE2501D0 ] ETService       C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
15:57:57.0633 0x0ca8  ETService - detected UnsignedFile.Multi.Generic ( 1 )
15:57:57.0633 0x0ca8  ETService ( UnsignedFile.Multi.Generic ) - warning
15:57:57.0727 0x0ca8  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
15:57:57.0789 0x0ca8  EventSystem - ok
15:57:57.0820 0x0ca8  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:57:57.0883 0x0ca8  exfat - ok
15:57:57.0945 0x0ca8  [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB861B2B3BA4C5B9 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:57:58.0007 0x0ca8  fastfat - ok
15:57:58.0054 0x0ca8  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:57:58.0101 0x0ca8  fdc - ok
15:57:58.0351 0x0ca8  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
15:57:58.0413 0x0ca8  fdPHost - ok
15:57:58.0460 0x0ca8  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:57:58.0538 0x0ca8  FDResPub - ok
15:57:58.0553 0x0ca8  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:57:58.0569 0x0ca8  FileInfo - ok
15:57:58.0631 0x0ca8  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:57:58.0663 0x0ca8  Filetrace - ok
15:57:58.0741 0x0ca8  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:57:58.0803 0x0ca8  flpydisk - ok
15:57:58.0819 0x0ca8  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:57:58.0834 0x0ca8  FltMgr - ok
15:57:58.0943 0x0ca8  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
15:57:59.0021 0x0ca8  FontCache - ok
15:57:59.0099 0x0ca8  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:57:59.0115 0x0ca8  FontCache3.0.0.0 - ok
15:57:59.0146 0x0ca8  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:57:59.0177 0x0ca8  Fs_Rec - ok
15:57:59.0209 0x0ca8  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:57:59.0224 0x0ca8  gagp30kx - ok
15:57:59.0287 0x0ca8  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
15:57:59.0333 0x0ca8  gpsvc - ok
15:57:59.0365 0x0ca8  [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:57:59.0427 0x0ca8  HdAudAddService - ok
15:57:59.0505 0x0ca8  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:57:59.0536 0x0ca8  HDAudBus - ok
15:57:59.0567 0x0ca8  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:57:59.0630 0x0ca8  HidBth - ok
15:57:59.0645 0x0ca8  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:57:59.0755 0x0ca8  HidIr - ok
15:57:59.0895 0x0ca8  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\System32\hidserv.dll
15:57:59.0942 0x0ca8  hidserv - ok
15:57:59.0973 0x0ca8  [ 7F7E5E98CEFED8A10F7E56810EA7B6DF, 7D9F6801B24C96FAE77A50162074EDA4C4470C1E240BDC79ECB6B514E195291C ] hidshim         C:\Windows\system32\DRIVERS\hidshim.sys
15:58:00.0004 0x0ca8  hidshim - ok
15:58:00.0035 0x0ca8  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:58:00.0067 0x0ca8  HidUsb - ok
15:58:00.0129 0x0ca8  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:58:00.0160 0x0ca8  hkmsvc - ok
15:58:00.0238 0x0ca8  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
15:58:00.0254 0x0ca8  HpCISSs - ok
15:58:00.0301 0x0ca8  [ 46D67209550973257601A533E2AC5785, 3C0D97781947BA8532344AA5D9F3B684761B5B3263A0A294F4593E76EE41DB0C ] HSFHWAZL        C:\Windows\system32\DRIVERS\VSTAZL3.SYS
15:58:00.0347 0x0ca8  HSFHWAZL - ok
15:58:00.0425 0x0ca8  [ 7BC42C65B5C6281777C1A7605B253BA8, 71885EB4E8625450ECA4623466FB3D5437DAABE739A5DC3B5F4CF982A65F8A86 ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys
15:58:00.0535 0x0ca8  HSF_DPV - ok
15:58:00.0550 0x0ca8  [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E, A11CE324DD8E8BDFFDF513429C32D3C16EC79DC9A7517048587759B26BF38583 ] HSXHWAZL        C:\Windows\system32\DRIVERS\HSXHWAZL.sys
15:58:00.0597 0x0ca8  HSXHWAZL - ok
15:58:00.0644 0x0ca8  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:58:00.0706 0x0ca8  HTTP - ok
15:58:00.0737 0x0ca8  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
15:58:00.0753 0x0ca8  i2omp - ok
15:58:00.0769 0x0ca8  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:58:00.0800 0x0ca8  i8042prt - ok
15:58:00.0831 0x0ca8  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
15:58:00.0847 0x0ca8  iaStorV - ok
15:58:00.0987 0x0ca8  [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:58:01.0112 0x0ca8  idsvc - ok
15:58:01.0143 0x0ca8  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:58:01.0159 0x0ca8  iirsp - ok
15:58:01.0205 0x0ca8  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
15:58:01.0252 0x0ca8  IKEEXT - ok
15:58:01.0283 0x0ca8  [ 58FF11C95C3681C9250914521CB9F036, 21249A7F85FCCC5DF56F67C92D3964CFBD3E9855EABDD2148075200A86868372 ] int15           C:\Windows\system32\drivers\int15.sys
15:58:01.0299 0x0ca8  int15 - ok
15:58:01.0393 0x0ca8  [ B8716D9677B04B82FA405C8C54954728, 19BD403E268F27E2A50B3619ED87D6553D837456E32C56CB596C0E87A2B4895F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:58:01.0533 0x0ca8  IntcAzAudAddService - ok
15:58:01.0580 0x0ca8  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
15:58:01.0580 0x0ca8  intelide - ok
15:58:01.0611 0x0ca8  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:58:01.0705 0x0ca8  intelppm - ok
15:58:01.0767 0x0ca8  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:58:01.0798 0x0ca8  IPBusEnum - ok
15:58:01.0814 0x0ca8  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:58:01.0861 0x0ca8  IpFilterDriver - ok
15:58:01.0907 0x0ca8  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:58:01.0970 0x0ca8  iphlpsvc - ok
15:58:01.0970 0x0ca8  IpInIp - ok
15:58:02.0001 0x0ca8  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
15:58:02.0048 0x0ca8  IPMIDRV - ok
15:58:02.0079 0x0ca8  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
15:58:02.0126 0x0ca8  IPNAT - ok
15:58:02.0141 0x0ca8  [ E50A95179211B12946F7E035D60AF560, 69765E2548BA708FF35545EC944DBA1940AD4065AF90E53B97A7792AC231DCF7 ] irda            C:\Windows\system32\DRIVERS\irda.sys
15:58:02.0173 0x0ca8  irda - ok
15:58:02.0188 0x0ca8  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:58:02.0235 0x0ca8  IRENUM - ok
15:58:02.0297 0x0ca8  [ CBB0D940221A281BCFEAEA695BD1CDA5, D05D192019524A02FE3FAE6827B98A942FA1AD651BF7AA53530A8A6F4ADFB7EB ] Irmon           C:\Windows\System32\irmon.dll
15:58:02.0360 0x0ca8  Irmon - ok
15:58:02.0391 0x0ca8  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:58:02.0407 0x0ca8  isapnp - ok
15:58:02.0438 0x0ca8  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
15:58:02.0469 0x0ca8  iScsiPrt - ok
15:58:02.0563 0x0ca8  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
15:58:02.0578 0x0ca8  iteatapi - ok
15:58:02.0594 0x0ca8  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
15:58:02.0609 0x0ca8  iteraid - ok
15:58:02.0625 0x0ca8  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:58:02.0641 0x0ca8  kbdclass - ok
15:58:02.0672 0x0ca8  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:58:02.0703 0x0ca8  kbdhid - ok
15:58:02.0797 0x0ca8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
15:58:02.0859 0x0ca8  KeyIso - ok
15:58:02.0906 0x0ca8  [ 5035EDF1F2E72F78BB1EC5BD9B97463F, 8AFAD580A96F002FFB22761B65D4B414917895C45B11B53089BB3E0331995EF7 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:58:02.0937 0x0ca8  KSecDD - ok
15:58:02.0999 0x0ca8  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:58:03.0077 0x0ca8  KtmRm - ok
15:58:03.0109 0x0ca8  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\System32\srvsvc.dll
15:58:03.0171 0x0ca8  LanmanServer - ok
15:58:03.0202 0x0ca8  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:58:03.0265 0x0ca8  LanmanWorkstation - ok
15:58:03.0358 0x0ca8  [ 793FF718477345CD5D232C50BED1E452, 1D39CF9F10742C79FF99B9B4E0361EAEA63B4FC545C58B54B55537D18C802941 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
15:58:03.0389 0x0ca8  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
15:58:03.0389 0x0ca8  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
15:58:03.0421 0x0ca8  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:58:03.0467 0x0ca8  lltdio - ok
15:58:03.0530 0x0ca8  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:58:03.0577 0x0ca8  lltdsvc - ok
15:58:03.0608 0x0ca8  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:58:03.0670 0x0ca8  lmhosts - ok
15:58:03.0717 0x0ca8  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:58:03.0733 0x0ca8  LSI_FC - ok
15:58:03.0748 0x0ca8  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:58:03.0764 0x0ca8  LSI_SAS - ok
15:58:03.0795 0x0ca8  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:58:03.0826 0x0ca8  LSI_SCSI - ok
15:58:03.0842 0x0ca8  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:58:03.0889 0x0ca8  luafv - ok
15:58:03.0920 0x0ca8  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:58:03.0951 0x0ca8  Mcx2Svc - ok
15:58:03.0982 0x0ca8  [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
15:58:03.0998 0x0ca8  mdmxsdk - ok
15:58:04.0029 0x0ca8  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
15:58:04.0045 0x0ca8  megasas - ok
15:58:04.0060 0x0ca8  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
15:58:04.0091 0x0ca8  MegaSR - ok
15:58:04.0185 0x0ca8  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
15:58:04.0247 0x0ca8  MMCSS - ok
15:58:04.0325 0x0ca8  MobilityService - ok
15:58:04.0341 0x0ca8  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
15:58:04.0403 0x0ca8  Modem - ok
15:58:04.0419 0x0ca8  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:58:04.0481 0x0ca8  monitor - ok
15:58:04.0513 0x0ca8  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:58:04.0528 0x0ca8  mouclass - ok
15:58:04.0544 0x0ca8  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:58:04.0575 0x0ca8  mouhid - ok
15:58:04.0606 0x0ca8  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
15:58:04.0622 0x0ca8  MountMgr - ok
15:58:04.0669 0x0ca8  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:58:04.0684 0x0ca8  MozillaMaintenance - ok
15:58:04.0731 0x0ca8  [ 7D2484C4995A3DB47345EFED2A0B579E, 55B3CDE0BEF743874793679692A6C744B2771C85A0FEE1904F28A51EEE9C0CEB ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:58:04.0747 0x0ca8  MpFilter - ok
15:58:04.0778 0x0ca8  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:58:04.0793 0x0ca8  mpio - ok
15:58:04.0825 0x0ca8  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:58:04.0856 0x0ca8  mpsdrv - ok
15:58:04.0918 0x0ca8  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:58:04.0981 0x0ca8  MpsSvc - ok
15:58:05.0012 0x0ca8  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
15:58:05.0027 0x0ca8  Mraid35x - ok
15:58:05.0121 0x0ca8  [ B0584CA7DEF55929FDB5169BD28B2484, AF6A7E404FEB29F7F3428D0AF6682195E5E8ED106996A04E6947DBD575696546 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:58:05.0168 0x0ca8  MRxDAV - ok
15:58:05.0199 0x0ca8  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:58:05.0246 0x0ca8  mrxsmb - ok
15:58:05.0277 0x0ca8  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:58:05.0308 0x0ca8  mrxsmb10 - ok
15:58:05.0308 0x0ca8  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:58:05.0339 0x0ca8  mrxsmb20 - ok
15:58:05.0355 0x0ca8  [ 5457DCFA7C0DA43522F4D9D4049C1472, C8B0FD8F96E4FC5CB4B74D5968E808F44B4371F0A797B1D368E6A6080CB862FD ] msahci          C:\Windows\system32\drivers\msahci.sys
15:58:05.0371 0x0ca8  msahci - ok
15:58:05.0449 0x0ca8  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:58:05.0464 0x0ca8  msdsm - ok
15:58:05.0480 0x0ca8  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
15:58:05.0527 0x0ca8  MSDTC - ok
15:58:05.0558 0x0ca8  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:58:05.0589 0x0ca8  Msfs - ok
15:58:05.0589 0x0ca8  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:58:05.0605 0x0ca8  msisadrv - ok
15:58:05.0667 0x0ca8  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:58:05.0698 0x0ca8  MSiSCSI - ok
15:58:05.0698 0x0ca8  msiserver - ok
15:58:05.0854 0x0ca8  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:58:05.0885 0x0ca8  MSKSSRV - ok
15:58:06.0010 0x0ca8  [ F26F7A5B18C717E57E3B6B306ABEC00B, 4C49C67A48F6B77E38A7FD28C960C92DFF371ACF0722C6EE4DF5F4B382937870 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:58:06.0041 0x0ca8  MsMpSvc - ok
15:58:06.0057 0x0ca8  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:58:06.0104 0x0ca8  MSPCLOCK - ok
15:58:06.0135 0x0ca8  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:58:06.0197 0x0ca8  MSPQM - ok
15:58:06.0260 0x0ca8  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:58:06.0275 0x0ca8  MsRPC - ok
15:58:06.0307 0x0ca8  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:58:06.0322 0x0ca8  mssmbios - ok
15:58:06.0338 0x0ca8  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:58:06.0400 0x0ca8  MSTEE - ok
15:58:06.0416 0x0ca8  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:58:06.0431 0x0ca8  Mup - ok
15:58:06.0463 0x0ca8  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
15:58:06.0541 0x0ca8  napagent - ok
15:58:06.0587 0x0ca8  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:58:06.0650 0x0ca8  NativeWifiP - ok
15:58:06.0697 0x0ca8  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:58:06.0775 0x0ca8  NDIS - ok
15:58:06.0806 0x0ca8  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:58:06.0837 0x0ca8  NdisTapi - ok
15:58:06.0884 0x0ca8  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:58:06.0931 0x0ca8  Ndisuio - ok
15:58:06.0946 0x0ca8  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:58:06.0977 0x0ca8  NdisWan - ok
15:58:07.0009 0x0ca8  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:58:07.0071 0x0ca8  NDProxy - ok
15:58:07.0102 0x0ca8  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:58:07.0149 0x0ca8  NetBIOS - ok
15:58:07.0196 0x0ca8  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
15:58:07.0227 0x0ca8  netbt - ok
15:58:07.0289 0x0ca8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
15:58:07.0305 0x0ca8  Netlogon - ok
15:58:07.0367 0x0ca8  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
15:58:07.0414 0x0ca8  Netman - ok
15:58:07.0461 0x0ca8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:58:07.0477 0x0ca8  NetMsmqActivator - ok
15:58:07.0508 0x0ca8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:58:07.0523 0x0ca8  NetPipeActivator - ok
15:58:07.0539 0x0ca8  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
15:58:07.0617 0x0ca8  netprofm - ok
15:58:07.0679 0x0ca8  [ A013222A9A890DDAAC967DEBADE59EAD, A36EDE54BFF1204981BABA185926718FFFEA72DDE6DB21A4869A0A1B016CD7F6 ] netr28          C:\Windows\system32\DRIVERS\netr28.sys
15:58:07.0742 0x0ca8  netr28 - ok
15:58:07.0757 0x0ca8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:58:07.0773 0x0ca8  NetTcpActivator - ok
15:58:07.0773 0x0ca8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:58:07.0804 0x0ca8  NetTcpPortSharing - ok
15:58:07.0835 0x0ca8  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:58:07.0851 0x0ca8  nfrd960 - ok
15:58:07.0898 0x0ca8  [ 94B8279FC0E27A8253944DFA47FC4A83, D799003BD163200F7DE0EC882756EF08AA70C45BF0518E3BC6DB8B8FB74BF663 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:58:07.0913 0x0ca8  NisDrv - ok
15:58:07.0960 0x0ca8  [ 1452F52471F2DC1515DD6C35B42FF06E, 57A2858B24D0C9C229A4C76F85DB453E867921C2B4E41835211C4EB5EBE99DE8 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
15:58:07.0991 0x0ca8  NisSrv - ok
15:58:08.0069 0x0ca8  [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:58:08.0132 0x0ca8  NlaSvc - ok
15:58:08.0147 0x0ca8  [ A00877C05933FBA8AFB3390DD72D4679, 684D9642173C4BF4B752F259D5E89F16BC8B4B1608F1E6E176AA692A9775CE38 ] nmwcd           C:\Windows\system32\drivers\ccdcmb.sys
15:58:08.0210 0x0ca8  nmwcd - ok
15:58:08.0241 0x0ca8  [ 9FF15F18E4E8758AC57BDB910D0238B3, F27C40BDD3818C54E1099AD525C7C19B424E0C4676DB366DE0E905CA3F82A310 ] nmwcdc          C:\Windows\system32\drivers\ccdcmbo.sys
15:58:08.0288 0x0ca8  nmwcdc - ok
15:58:08.0319 0x0ca8  [ B0575681498D75E0C0432200702B4A0A, EE6037B038265562A4F59E92A9F665C7A8AA8E8C5DEB3481F1F7B6D39A4E4954 ] nmwcdnsu        C:\Windows\system32\drivers\nmwcdnsu.sys
15:58:08.0381 0x0ca8  nmwcdnsu - ok
15:58:08.0397 0x0ca8  [ 9699486E10F89163979FCD48A40FE805, 04D05666920C91106FFF60F1DCE7D8B89F6F1419D0035A5BF7AB5F0BA5C39B31 ] nmwcdnsuc       C:\Windows\system32\drivers\nmwcdnsuc.sys
15:58:08.0444 0x0ca8  nmwcdnsuc - ok
15:58:08.0459 0x0ca8  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:58:08.0522 0x0ca8  Npfs - ok
15:58:08.0553 0x0ca8  [ 6D8D2E5652FC2442C810C5D8BE784148, 013FF4FA03CA2E066B1946CC09889616B243068BA0FB2E58D4C1435BF66FBC87 ] NSCIRDA         C:\Windows\system32\DRIVERS\nscirda.sys
15:58:08.0615 0x0ca8  NSCIRDA - ok
15:58:08.0647 0x0ca8  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
15:58:08.0709 0x0ca8  nsi - ok
15:58:08.0803 0x0ca8  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:58:08.0849 0x0ca8  nsiproxy - ok
15:58:08.0912 0x0ca8  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:58:09.0052 0x0ca8  Ntfs - ok
15:58:09.0083 0x0ca8  [ 2757D2BA59AEE155209E24942AB127C9, 60C8571D548901A68591F1C7C548B40FA1086D21D23B8CB1083A8AE50760FE87 ] NTIDrvr         C:\Windows\system32\DRIVERS\NTIDrvr.sys
15:58:09.0177 0x0ca8  NTIDrvr - ok
15:58:09.0193 0x0ca8  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
15:58:09.0255 0x0ca8  ntrigdigi - ok
15:58:09.0271 0x0ca8  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
15:58:09.0317 0x0ca8  Null - ok
15:58:09.0349 0x0ca8  [ 85D8845B7B6A434B7CE35723BF0E5C57, F10026F2F63F4852D9E174E1D4E0345BB5080A20370F7F350F5D5951CD52F5BC ] nuvotonhidgeneric C:\Windows\system32\DRIVERS\nuvotonhidgeneric.sys
15:58:09.0395 0x0ca8  nuvotonhidgeneric - ok
15:58:09.0442 0x0ca8  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:58:09.0473 0x0ca8  nvraid - ok
15:58:09.0505 0x0ca8  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:58:09.0520 0x0ca8  nvstor - ok
15:58:09.0536 0x0ca8  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:58:09.0551 0x0ca8  nv_agp - ok
15:58:09.0551 0x0ca8  NwlnkFlt - ok
15:58:09.0567 0x0ca8  NwlnkFwd - ok
15:58:09.0629 0x0ca8  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:58:09.0661 0x0ca8  odserv - ok
15:58:09.0676 0x0ca8  [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD114282E580FAD530A9C ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
15:58:09.0723 0x0ca8  ohci1394 - ok
15:58:09.0770 0x0ca8  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:58:09.0785 0x0ca8  ose - ok
15:58:09.0848 0x0ca8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
15:58:09.0926 0x0ca8  p2pimsvc - ok
15:58:09.0973 0x0ca8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:58:10.0019 0x0ca8  p2psvc - ok
15:58:10.0051 0x0ca8  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
15:58:10.0113 0x0ca8  Parport - ok
15:58:10.0160 0x0ca8  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:58:10.0175 0x0ca8  partmgr - ok
15:58:10.0269 0x0ca8  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
15:58:10.0331 0x0ca8  Parvdm - ok
15:58:10.0409 0x0ca8  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:58:10.0503 0x0ca8  PcaSvc - ok
15:58:10.0534 0x0ca8  [ F451DCACBAA67F3307305EBD4A39EA07, C4435BF4C2D16F3DC0B35732BE3602FFA28DB0A5BC5576F45E0D32E5F4CD2DEA ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
15:58:10.0565 0x0ca8  pccsmcfd - ok
15:58:10.0597 0x0ca8  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
15:58:10.0628 0x0ca8  pci - ok
15:58:10.0628 0x0ca8  [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:58:10.0643 0x0ca8  pciide - ok
15:58:10.0690 0x0ca8  [ B7C5A8769541900F6DFA6FE0C5E4D513, 1885FE8AE9D6929E8B43D674B43B7B3FEAA25AF6E45973A0B49CBA7B9CBA34C4 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:58:10.0706 0x0ca8  pcmcia - ok
15:58:10.0768 0x0ca8  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:58:10.0862 0x0ca8  PEAUTH - ok
15:58:10.0987 0x0ca8  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
15:58:11.0080 0x0ca8  pla - ok
15:58:11.0127 0x0ca8  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:58:11.0205 0x0ca8  PlugPlay - ok
15:58:11.0252 0x0ca8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
15:58:11.0314 0x0ca8  PNRPAutoReg - ok
15:58:11.0361 0x0ca8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
15:58:11.0408 0x0ca8  PNRPsvc - ok
15:58:11.0455 0x0ca8  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:58:11.0501 0x0ca8  PolicyAgent - ok
15:58:11.0798 0x0ca8  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:58:11.0829 0x0ca8  PptpMiniport - ok
15:58:11.0891 0x0ca8  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
15:58:11.0969 0x0ca8  Processor - ok
15:58:12.0047 0x0ca8  [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:58:12.0125 0x0ca8  ProfSvc - ok
15:58:12.0141 0x0ca8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
15:58:12.0157 0x0ca8  ProtectedStorage - ok
15:58:12.0188 0x0ca8  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
15:58:12.0266 0x0ca8  PSched - ok
15:58:12.0297 0x0ca8  [ 628321C8DD76AD369B362B202E655A68, 751756AB21D5C1885EF74C3878C5625860AF2934920DA015237D614399976C5A ] PSDFilter       C:\Windows\system32\DRIVERS\psdfilter.sys
15:58:12.0313 0x0ca8  PSDFilter - ok
15:58:12.0359 0x0ca8  [ 79D7117E62709C7690CF3DD55ACEAD37, BB05CD9B7B966AD5B26DA8647CCB0FD0786CDD3C7BB22FCEE5005CD4A253FBD9 ] PSDNServ        C:\Windows\system32\DRIVERS\PSDNServ.sys
15:58:12.0375 0x0ca8  PSDNServ - ok
15:58:12.0952 0x0ca8  [ CAE5E82827990CF4BD4A49576BDE3A43, 3A8B9CF9A8F50337F164F4996AB05602EEA403054577253FFFFEBB0B70F77208 ] psdvdisk        C:\Windows\system32\DRIVERS\PSDVdisk.sys
15:58:12.0968 0x0ca8  psdvdisk - ok
15:58:13.0171 0x0ca8  [ D24DFD16A1E2A76034DF5AA18125C35D, BB1F2BB3EB69DE742AA8ED33DCB572888BC473182E0F7DA860CB57903C9924A6 ] PSI             C:\Windows\system32\DRIVERS\psi_mf.sys
15:58:13.0249 0x0ca8  PSI - ok
15:58:13.0311 0x0ca8  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:58:13.0420 0x0ca8  ql2300 - ok
15:58:13.0436 0x0ca8  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:58:13.0451 0x0ca8  ql40xx - ok
15:58:13.0498 0x0ca8  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
15:58:13.0545 0x0ca8  QWAVE - ok
15:58:13.0592 0x0ca8  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:58:13.0639 0x0ca8  QWAVEdrv - ok
15:58:13.0654 0x0ca8  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:58:13.0701 0x0ca8  RasAcd - ok
15:58:13.0717 0x0ca8  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
15:58:13.0779 0x0ca8  RasAuto - ok
15:58:13.0826 0x0ca8  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:58:13.0888 0x0ca8  Rasl2tp - ok
15:58:13.0935 0x0ca8  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
15:58:13.0997 0x0ca8  RasMan - ok
15:58:13.0997 0x0ca8  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:58:14.0044 0x0ca8  RasPppoe - ok
15:58:14.0044 0x0ca8  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:58:14.0060 0x0ca8  RasSstp - ok
15:58:14.0091 0x0ca8  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:58:14.0138 0x0ca8  rdbss - ok
15:58:14.0153 0x0ca8  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:58:14.0200 0x0ca8  RDPCDD - ok
15:58:14.0231 0x0ca8  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
15:58:14.0278 0x0ca8  rdpdr - ok
15:58:14.0278 0x0ca8  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:58:14.0309 0x0ca8  RDPENCDD - ok
15:58:14.0434 0x0ca8  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:58:14.0497 0x0ca8  RDPWD - ok
15:58:14.0528 0x0ca8  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:58:14.0575 0x0ca8  RemoteAccess - ok
15:58:14.0590 0x0ca8  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:58:14.0637 0x0ca8  RemoteRegistry - ok
15:58:14.0731 0x0ca8  [ 17E0BEF5CA5C9CE52CC8082AC6EBC449, F05A32DA0A62144AAE78A3A9173F21F52FAED4E39F9250B3E1B11066760B2576 ] RichVideo       c:\Program Files\Cyberlink\Shared files\RichVideo.exe
15:58:14.0746 0x0ca8  RichVideo - ok
15:58:14.0793 0x0ca8  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
15:58:14.0871 0x0ca8  RpcLocator - ok
15:58:14.0902 0x0ca8  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
15:58:14.0933 0x0ca8  RpcSs - ok
15:58:14.0965 0x0ca8  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:58:15.0027 0x0ca8  rspndr - ok
15:58:15.0058 0x0ca8  [ 065A51298212455584F1811B033B617E, 74FE455F7415A8D2199C92ED3F3A0190878FDBAFBCA2127D70643A215548AAF3 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
15:58:15.0136 0x0ca8  RTHDMIAzAudService - ok
15:58:15.0183 0x0ca8  [ 8DAB5975B5C7923D61506A48E251DBAD, 34C197BDBFEB676ED7C0262E27EF9190E684A47E4DBFDFA889958966406F9862 ] RTSTOR          C:\Windows\system32\drivers\RTSTOR.SYS
15:58:15.0214 0x0ca8  RTSTOR - ok
15:58:15.0230 0x0ca8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
15:58:15.0245 0x0ca8  SamSs - ok
15:58:15.0479 0x0ca8  [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
15:58:15.0495 0x0ca8  SASDIFSV - ok
15:58:15.0604 0x0ca8  [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
15:58:15.0635 0x0ca8  SASKUTIL - ok
15:58:15.0682 0x0ca8  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:58:15.0698 0x0ca8  sbp2port - ok
15:58:15.0760 0x0ca8  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:58:15.0823 0x0ca8  SCardSvr - ok
15:58:15.0869 0x0ca8  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
15:58:15.0932 0x0ca8  Schedule - ok
15:58:15.0963 0x0ca8  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:58:15.0979 0x0ca8  SCPolicySvc - ok
15:58:16.0057 0x0ca8  [ 126EA89BCC413EE45E3004FB0764888F, 367BE2B56113177AE867E00D019C707C6449E0FC4A642101B11036A0534D6901 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
15:58:16.0119 0x0ca8  sdbus - ok
15:58:16.0150 0x0ca8  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:58:16.0213 0x0ca8  SDRSVC - ok
15:58:16.0337 0x0ca8  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
15:58:16.0431 0x0ca8  SDScannerService - ok
15:58:16.0525 0x0ca8  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
15:58:16.0634 0x0ca8  SDUpdateService - ok
15:58:16.0649 0x0ca8  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
15:58:16.0681 0x0ca8  SDWSCService - ok
15:58:16.0930 0x0ca8  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:58:17.0008 0x0ca8  secdrv - ok
15:58:17.0039 0x0ca8  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
15:58:17.0133 0x0ca8  seclogon - ok
15:58:17.0227 0x0ca8  [ 9044795E9D1A912D5F1B8DF6211850FD, 9AFE4E9B5C3E7F911A3E0397678CB1783C99AFB0964D104676B71A0C46CB08A4 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
15:58:17.0554 0x0ca8  Secunia PSI Agent - ok
15:58:17.0648 0x0ca8  [ 8B1A72E4FB63A9C068B08E1F9B70482A, 32A529B3595C95A4306B7A4C199940F88D56B5563BE040478AF1963BBDED0394 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
15:58:17.0835 0x0ca8  Secunia Update Agent - ok
15:58:17.0944 0x0ca8  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\system32\sens.dll
15:58:17.0961 0x0ca8  SENS - ok
15:58:17.0996 0x0ca8  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:58:18.0096 0x0ca8  Serenum - ok
15:58:18.0115 0x0ca8  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
15:58:18.0169 0x0ca8  Serial - ok
15:58:18.0218 0x0ca8  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:58:18.0263 0x0ca8  sermouse - ok
15:58:18.0372 0x0ca8  [ 78F7BB9F4924BE164294C59B8C3FC096, 75051A6A8B0DBB16CD70855A408134270EEAF0C127BAAE5B592DB53BB87C085B ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
15:58:18.0450 0x0ca8  ServiceLayer - ok
15:58:18.0528 0x0ca8  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:58:18.0575 0x0ca8  SessionEnv - ok
15:58:18.0622 0x0ca8  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:58:18.0684 0x0ca8  sffdisk - ok
15:58:18.0700 0x0ca8  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:58:18.0731 0x0ca8  sffp_mmc - ok
15:58:18.0747 0x0ca8  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:58:18.0793 0x0ca8  sffp_sd - ok
15:58:18.0809 0x0ca8  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:58:18.0856 0x0ca8  sfloppy - ok
15:58:18.0934 0x0ca8  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:58:19.0027 0x0ca8  SharedAccess - ok
15:58:19.0090 0x0ca8  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:58:19.0183 0x0ca8  ShellHWDetection - ok
15:58:19.0215 0x0ca8  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
15:58:19.0230 0x0ca8  sisagp - ok
15:58:19.0246 0x0ca8  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
15:58:19.0261 0x0ca8  SiSRaid2 - ok
15:58:19.0277 0x0ca8  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:58:19.0293 0x0ca8  SiSRaid4 - ok
15:58:19.0511 0x0ca8  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
15:58:19.0683 0x0ca8  slsvc - ok
15:58:19.0745 0x0ca8  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
15:58:19.0823 0x0ca8  SLUINotify - ok
15:58:19.0839 0x0ca8  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:58:19.0870 0x0ca8  Smb - ok
15:58:19.0917 0x0ca8  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:58:19.0948 0x0ca8  SNMPTRAP - ok
15:58:19.0979 0x0ca8  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:58:19.0995 0x0ca8  spldr - ok
15:58:20.0073 0x0ca8  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
15:58:20.0151 0x0ca8  Spooler - ok
15:58:20.0197 0x0ca8  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:58:20.0275 0x0ca8  srv - ok
15:58:20.0322 0x0ca8  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:58:20.0385 0x0ca8  srv2 - ok
15:58:20.0400 0x0ca8  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:58:20.0416 0x0ca8  srvnet - ok
15:58:20.0463 0x0ca8  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:58:20.0525 0x0ca8  SSDPSRV - ok
15:58:20.0572 0x0ca8  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:58:20.0634 0x0ca8  SstpSvc - ok
15:58:20.0681 0x0ca8  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
15:58:20.0712 0x0ca8  stisvc - ok
15:58:20.0743 0x0ca8  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:58:20.0759 0x0ca8  swenum - ok
15:58:20.0821 0x0ca8  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
15:58:20.0899 0x0ca8  swprv - ok
15:58:20.0931 0x0ca8  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
15:58:20.0946 0x0ca8  Symc8xx - ok
15:58:20.0962 0x0ca8  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
15:58:20.0962 0x0ca8  Sym_hi - ok
15:58:20.0993 0x0ca8  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
15:58:21.0009 0x0ca8  Sym_u3 - ok
15:58:21.0055 0x0ca8  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
15:58:21.0118 0x0ca8  SysMain - ok
15:58:21.0243 0x0ca8  [ F7CE757FE4EA0641483A5725F5E26194, 9B17DA41DC3E5B421EA0D9582D6FC2B9384855026CFE29ABF01300C58EB325ED ] SystemExplorerHelpService C:\Program Files\System Explorer\service\SystemExplorerService.exe
15:58:21.0539 0x0ca8  SystemExplorerHelpService - ok
15:58:21.0586 0x0ca8  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:58:21.0633 0x0ca8  TabletInputService - ok
15:58:21.0679 0x0ca8  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:58:21.0711 0x0ca8  TapiSrv - ok
15:58:21.0757 0x0ca8  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
15:58:21.0820 0x0ca8  TBS - ok
15:58:21.0882 0x0ca8  [ A4196D394207369E1431E8681B373312, BEF96BAB70FDF94F8CB2942BDEA9B4D934443E5305E3FD737809C3F7524B1E8E ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:58:21.0945 0x0ca8  Tcpip - ok
15:58:21.0991 0x0ca8  [ A4196D394207369E1431E8681B373312, BEF96BAB70FDF94F8CB2942BDEA9B4D934443E5305E3FD737809C3F7524B1E8E ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
15:58:22.0054 0x0ca8  Tcpip6 - ok
15:58:22.0101 0x0ca8  [ 95389980F70FC4990A4395A0B8BBE1D6, FB5CBC85733A4EC4FB9F210A5D4E5989F6A3F2995D895F5B41163CDFC04DB82C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:58:22.0163 0x0ca8  tcpipreg - ok
15:58:22.0194 0x0ca8  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:58:22.0225 0x0ca8  TDPIPE - ok
15:58:22.0241 0x0ca8  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:58:22.0272 0x0ca8  TDTCP - ok
15:58:22.0303 0x0ca8  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:58:22.0319 0x0ca8  tdx - ok
15:58:22.0444 0x0ca8  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:58:22.0459 0x0ca8  TermDD - ok
15:58:22.0537 0x0ca8  [ DBD84E59D631569EC3E756EF144E8431, 9E58629EC762584A2D294A619593620626F7CBE467045AD0F920B6CF1D4B4724 ] TermService     C:\Windows\System32\termsrv.dll
15:58:22.0600 0x0ca8  TermService - ok
15:58:22.0631 0x0ca8  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
15:58:22.0662 0x0ca8  Themes - ok
15:58:22.0693 0x0ca8  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
15:58:22.0725 0x0ca8  THREADORDER - ok
15:58:23.0068 0x0ca8  [ E4FAD21646088D79F8889B6531396ACF, D0C8F0E3293D423245FD2233F283A1FE2463E15F8B9F4ED6AC96C2164EC51F75 ] TomTomHOMEService D:\STRABAG TomTom Home 2\TomTomHOMEService.exe
15:58:23.0255 0x0ca8  TomTomHOMEService - ok
15:58:23.0286 0x0ca8  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
15:58:23.0317 0x0ca8  TrkWks - ok
15:58:23.0520 0x0ca8  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:58:23.0567 0x0ca8  TrustedInstaller - ok
15:58:23.0614 0x0ca8  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:58:23.0661 0x0ca8  tssecsrv - ok
15:58:23.0817 0x0ca8  [ DFE6CCE27C5CCC3C00D660226050E76D, BA2679363D00F7FCCB6AB751BC79298187BD4FA03D697E313DAF088CE06FF5B3 ] TuneUp.UtilitiesSvc C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
15:58:23.0910 0x0ca8  TuneUp.UtilitiesSvc - ok
15:58:23.0941 0x0ca8  [ E5049C43601473B5A909058596111229, 96CFE481F767C66FA2877594384086C1BE8B2BADBF12DBF4CB72CF73898D0876 ] TuneUpUtilitiesDrv C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys
15:58:23.0957 0x0ca8  TuneUpUtilitiesDrv - ok
15:58:23.0973 0x0ca8  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
15:58:24.0004 0x0ca8  tunmp - ok
mittlerer Teil und Rest folgen

Alt 02.04.2015, 15:51   #7
petertroj
 
malware aal entfernen Antivir -Programme erkennen nichts - Standard

malware aal entfernen Antivir -Programme erkennen nichts


TDSSKiller log 2.4.15, 16.02 h
mittlerer Teil
Code:
ATTFilter
15:58:24.0051 0x0ca8  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:58:24.0066 0x0ca8  tunnel - ok
15:58:24.0113 0x0ca8  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:58:24.0129 0x0ca8  uagp35 - ok
15:58:24.0222 0x0ca8  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:58:24.0285 0x0ca8  udfs - ok
15:58:24.0331 0x0ca8  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:58:24.0394 0x0ca8  UI0Detect - ok
15:58:24.0409 0x0ca8  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:58:24.0425 0x0ca8  uliagpkx - ok
15:58:24.0503 0x0ca8  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
15:58:24.0519 0x0ca8  uliahci - ok
15:58:24.0597 0x0ca8  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
15:58:24.0612 0x0ca8  UlSata - ok
15:58:24.0628 0x0ca8  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
15:58:24.0643 0x0ca8  ulsata2 - ok
15:58:24.0675 0x0ca8  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:58:24.0706 0x0ca8  umbus - ok
15:58:24.0893 0x0ca8  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
15:58:24.0924 0x0ca8  upnphost - ok
15:58:24.0987 0x0ca8  [ 8721F55D8BC9F89E3A63CEBDF5EF4FA3, C0C82480014B646709869A6A6FA2B71B993F9FCD8E2DB9E8F7D341C21EE169CF ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
15:58:25.0033 0x0ca8  upperdev - ok
15:58:25.0158 0x0ca8  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:58:25.0252 0x0ca8  usbccgp - ok
15:58:25.0283 0x0ca8  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:58:25.0345 0x0ca8  usbcir - ok
15:58:25.0377 0x0ca8  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:58:25.0392 0x0ca8  usbehci - ok
15:58:25.0408 0x0ca8  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:58:25.0439 0x0ca8  usbhub - ok
15:58:25.0470 0x0ca8  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:58:25.0517 0x0ca8  usbohci - ok
15:58:25.0548 0x0ca8  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:58:25.0579 0x0ca8  usbprint - ok
15:58:25.0626 0x0ca8  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:58:25.0689 0x0ca8  usbscan - ok
15:58:25.0735 0x0ca8  [ 8E6C378A885D6FFDA8F05E8D27B95C0E, 351F20B1CB510F7B6B9321EB6C7A97446EF963A89F19F7E7A9CF41381B4B19FF ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
15:58:25.0798 0x0ca8  usbser - ok
15:58:25.0845 0x0ca8  [ 4E66C71D8D010BFB0DF1042D25E9CB0F, E581ED3557A06FEE7F35DF1C18C7D74FEFD1FC5E6CDAD6692F66F4A033830F1C ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
15:58:25.0891 0x0ca8  UsbserFilt - ok
15:58:25.0938 0x0ca8  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:58:26.0001 0x0ca8  USBSTOR - ok
15:58:26.0032 0x0ca8  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
15:58:26.0063 0x0ca8  usbuhci - ok
15:58:26.0094 0x0ca8  [ 73FF24E21B690625A58109637DDA0DF7, 62B1F9CD82678E2110D4BB5CC86EE8A7AB0757681443916620B6AAA1EF0DECEB ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
15:58:26.0157 0x0ca8  usbvideo - ok
15:58:26.0188 0x0ca8  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
15:58:26.0235 0x0ca8  UxSms - ok
15:58:26.0313 0x0ca8  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
15:58:26.0375 0x0ca8  vds - ok
15:58:26.0406 0x0ca8  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:58:26.0453 0x0ca8  vga - ok
15:58:26.0484 0x0ca8  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:58:26.0531 0x0ca8  VgaSave - ok
15:58:26.0562 0x0ca8  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
15:58:26.0578 0x0ca8  viaagp - ok
15:58:26.0609 0x0ca8  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
15:58:26.0640 0x0ca8  ViaC7 - ok
15:58:26.0671 0x0ca8  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
15:58:26.0687 0x0ca8  viaide - ok
15:58:26.0703 0x0ca8  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:58:26.0718 0x0ca8  volmgr - ok
15:58:26.0765 0x0ca8  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:58:26.0796 0x0ca8  volmgrx - ok
15:58:26.0874 0x0ca8  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:58:26.0890 0x0ca8  volsnap - ok
15:58:26.0921 0x0ca8  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:58:26.0937 0x0ca8  vsmraid - ok
15:58:27.0030 0x0ca8  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
15:58:27.0108 0x0ca8  VSS - ok
15:58:27.0186 0x0ca8  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
15:58:27.0233 0x0ca8  W32Time - ok
15:58:27.0280 0x0ca8  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:58:27.0327 0x0ca8  WacomPen - ok
15:58:27.0342 0x0ca8  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
15:58:27.0389 0x0ca8  Wanarp - ok
15:58:27.0389 0x0ca8  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:58:27.0420 0x0ca8  Wanarpv6 - ok
15:58:27.0514 0x0ca8  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:58:27.0561 0x0ca8  wcncsvc - ok
15:58:27.0623 0x0ca8  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:58:27.0670 0x0ca8  WcsPlugInService - ok
15:58:27.0717 0x0ca8  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
15:58:27.0717 0x0ca8  Wd - ok
15:58:27.0779 0x0ca8  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:58:27.0826 0x0ca8  Wdf01000 - ok
15:58:27.0873 0x0ca8  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:58:27.0904 0x0ca8  WdiServiceHost - ok
15:58:27.0935 0x0ca8  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:58:27.0966 0x0ca8  WdiSystemHost - ok
15:58:28.0029 0x0ca8  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
15:58:28.0091 0x0ca8  WebClient - ok
15:58:28.0138 0x0ca8  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:58:28.0200 0x0ca8  Wecsvc - ok
15:58:28.0231 0x0ca8  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:58:28.0294 0x0ca8  wercplsupport - ok
15:58:28.0325 0x0ca8  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:58:28.0372 0x0ca8  WerSvc - ok
15:58:28.0481 0x0ca8  [ 5A77AC34A0FFB70CE8B35B524FEDE9BA, 711DD957AF98F1B835ECE0FEBCCF8FCC7763F1DAA232F1C9E80DE6DA123C7F33 ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys
15:58:28.0528 0x0ca8  winachsf - ok
15:58:28.0621 0x0ca8  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
15:58:28.0653 0x0ca8  WinDefend - ok
15:58:28.0653 0x0ca8  WinHttpAutoProxySvc - ok
15:58:28.0762 0x0ca8  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:58:28.0777 0x0ca8  Winmgmt - ok
15:58:28.0887 0x0ca8  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:58:28.0965 0x0ca8  WinRM - ok
15:58:29.0058 0x0ca8  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:58:29.0136 0x0ca8  Wlansvc - ok
15:58:29.0230 0x0ca8  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:58:29.0245 0x0ca8  WmiAcpi - ok
15:58:29.0355 0x0ca8  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:58:29.0370 0x0ca8  wmiApSrv - ok
15:58:29.0479 0x0ca8  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
15:58:29.0557 0x0ca8  WMPNetworkSvc - ok
15:58:29.0620 0x0ca8  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:58:29.0667 0x0ca8  WPCSvc - ok
15:58:29.0729 0x0ca8  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:58:29.0791 0x0ca8  WPDBusEnum - ok
15:58:29.0823 0x0ca8  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
15:58:29.0869 0x0ca8  WpdUsb - ok
15:58:29.0947 0x0ca8  [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:58:29.0994 0x0ca8  WPFFontCache_v0400 - ok
15:58:30.0041 0x0ca8  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:58:30.0088 0x0ca8  ws2ifsl - ok
15:58:30.0135 0x0ca8  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\system32\wscsvc.dll
15:58:30.0150 0x0ca8  wscsvc - ok
15:58:30.0166 0x0ca8  WSearch - ok
15:58:30.0259 0x0ca8  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:58:30.0353 0x0ca8  wuauserv - ok
15:58:30.0400 0x0ca8  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:58:30.0447 0x0ca8  WudfPf - ok
15:58:30.0509 0x0ca8  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:58:30.0540 0x0ca8  WUDFRd - ok
15:58:30.0587 0x0ca8  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:58:30.0618 0x0ca8  wudfsvc - ok
15:58:30.0649 0x0ca8  [ 88AF537264F2B818DA15479CEEAF5D7C, E0F95D6448FFB77351BB63ED444238F891B16748FD09F8BCCA23BEC4E341A96B ] XAudio          C:\Windows\system32\DRIVERS\xaudio.sys
15:58:30.0696 0x0ca8  XAudio - ok
15:58:30.0743 0x0ca8  [ 15A317674A08DF26BE65164D959E9203, 6EEE0D1711F37936D157651E265A65137BCBFBDA17F066C844BAA0D53558F86A ] XAudioService   C:\Windows\system32\DRIVERS\xaudio.exe
15:58:30.0790 0x0ca8  XAudioService - ok
15:58:30.0805 0x0ca8  ================ Scan global ===============================
15:58:30.0868 0x0ca8  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
15:58:31.0008 0x0ca8  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
15:58:31.0071 0x0ca8  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
15:58:31.0117 0x0ca8  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
15:58:31.0133 0x0ca8  [ Global ] - ok
15:58:31.0133 0x0ca8  ================ Scan MBR ==================================
15:58:31.0133 0x0ca8  [ 27A811553A4F7A6A891CA99FFAE128F7 ] \Device\Harddisk0\DR0
15:58:36.0687 0x0ca8  \Device\Harddisk0\DR0 - ok
15:58:36.0687 0x0ca8  ================ Scan VBR ==================================
15:58:36.0733 0x0ca8  [ 3085134B9FBE51B698BA4CF77D9EAC35 ] \Device\Harddisk0\DR0\Partition1
15:58:36.0811 0x0ca8  \Device\Harddisk0\DR0\Partition1 - ok
15:58:36.0905 0x0ca8  [ CE2F1EA48324CAEC4F66A639E4CCE59E ] \Device\Harddisk0\DR0\Partition2
15:58:37.0014 0x0ca8  \Device\Harddisk0\DR0\Partition2 - ok
15:58:37.0014 0x0ca8  ================ Scan active images ========================
15:58:37.0014 0x0ca8  [ 36975327EF03949CC378AB01E316B574, C64CEF47DE41486F4532B9A38EBB05F2043B1A84762B8A4749BB01573B7F8FB5 ] C:\Windows\System32\drivers\crashdmp.sys
15:58:37.0014 0x0ca8  C:\Windows\System32\drivers\crashdmp.sys - ok
15:58:37.0014 0x0ca8  [ C67EBF9C05531C406E1E079FF669A2E6, 5B457E9C981CB0FEB4A5C9FFA16412D129186CB090127FC517B827BC530CBBE3 ] C:\Windows\System32\drivers\Dumpata.sys
15:58:37.0014 0x0ca8  C:\Windows\System32\drivers\Dumpata.sys - ok
15:58:37.0030 0x0ca8  [ 5457DCFA7C0DA43522F4D9D4049C1472, C8B0FD8F96E4FC5CB4B74D5968E808F44B4371F0A797B1D368E6A6080CB862FD ] C:\Windows\System32\drivers\msahci.sys
15:58:37.0030 0x0ca8  C:\Windows\System32\drivers\msahci.sys - ok
15:58:37.0030 0x0ca8  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] C:\Windows\System32\drivers\tunnel.sys
15:58:37.0030 0x0ca8  C:\Windows\System32\drivers\tunnel.sys - ok
15:58:37.0045 0x0ca8  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] C:\Windows\System32\drivers\TUNMP.SYS
15:58:37.0045 0x0ca8  C:\Windows\System32\drivers\TUNMP.SYS - ok
15:58:37.0045 0x0ca8  [ 7526AD10925D1AA9E4E6B0FB393B701F, C3E8F4D99C7A206C48AC5EC79FB7BFD35F4B8CF03DA56B54F2529155AB141566 ] C:\Windows\System32\drivers\atikmdag.sys
15:58:37.0045 0x0ca8  C:\Windows\System32\drivers\atikmdag.sys - ok
15:58:37.0045 0x0ca8  [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] C:\Windows\System32\drivers\dxgkrnl.sys
15:58:37.0045 0x0ca8  C:\Windows\System32\drivers\dxgkrnl.sys - ok
15:58:37.0061 0x0ca8  [ 4A5C31E2C1646034E6A60EBA4C747FF6, CC5473E0B07014AAD4FCC2EE01C9E607FE43422A5A5851B2AD38E37C0AB7CDCF ] C:\Windows\System32\drivers\watchdog.sys
15:58:37.0061 0x0ca8  C:\Windows\System32\drivers\watchdog.sys - ok
15:58:37.0061 0x0ca8  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] C:\Windows\System32\drivers\hdaudbus.sys
15:58:37.0061 0x0ca8  C:\Windows\System32\drivers\hdaudbus.sys - ok
15:58:37.0061 0x0ca8  [ B09C74A41F26B08149707EA5E7F956C2, E6ECA1E437E5390A3A43DAA5E1B5C384D70C114707CA34018DB1A6AE37219E9B ] C:\Windows\System32\drivers\usbport.sys
15:58:37.0077 0x0ca8  C:\Windows\System32\drivers\usbport.sys - ok
15:58:37.0077 0x0ca8  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] C:\Windows\System32\drivers\usbuhci.sys
15:58:37.0077 0x0ca8  C:\Windows\System32\drivers\usbuhci.sys - ok
15:58:37.0077 0x0ca8  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] C:\Windows\System32\drivers\usbehci.sys
15:58:37.0077 0x0ca8  C:\Windows\System32\drivers\usbehci.sys - ok
15:58:37.0092 0x0ca8  [ 6FB43F0DADB3FDC287D080C19666AF8D, D2AA2172CEAF5954E4F04728D1BC9EA7C47A20E8918E876287FC766895FB617A ] C:\Windows\System32\drivers\b57nd60x.sys
15:58:37.0092 0x0ca8  C:\Windows\System32\drivers\b57nd60x.sys - ok
15:58:37.0092 0x0ca8  [ A013222A9A890DDAAC967DEBADE59EAD, A36EDE54BFF1204981BABA185926718FFFEA72DDE6DB21A4869A0A1B016CD7F6 ] C:\Windows\System32\drivers\netr28.sys
15:58:37.0092 0x0ca8  C:\Windows\System32\drivers\netr28.sys - ok
15:58:37.0092 0x0ca8  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] C:\Windows\System32\drivers\CmBatt.sys
15:58:37.0092 0x0ca8  C:\Windows\System32\drivers\CmBatt.sys - ok
15:58:37.0108 0x0ca8  [ 73BAF270D24FE726B9CD7F80BB17A23D, 12ADFB26C16A7D3F623C1A6B72D4C6AB9163EBC93CF13CB2AC6897FB95E96105 ] C:\Windows\System32\drivers\DKbFltr.sys
15:58:37.0108 0x0ca8  C:\Windows\System32\drivers\DKbFltr.sys - ok
15:58:37.0108 0x0ca8  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] C:\Windows\System32\drivers\i8042prt.sys
15:58:37.0108 0x0ca8  C:\Windows\System32\drivers\i8042prt.sys - ok
15:58:37.0123 0x0ca8  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] C:\Windows\System32\drivers\kbdclass.sys
15:58:37.0123 0x0ca8  C:\Windows\System32\drivers\kbdclass.sys - ok
15:58:37.0123 0x0ca8  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] C:\Windows\System32\drivers\mouclass.sys
15:58:37.0123 0x0ca8  C:\Windows\System32\drivers\mouclass.sys - ok
15:58:37.0123 0x0ca8  [ BE4AD4045D7A6C6AF4ECCBD5F6B7F8D8, 980EB88D5B52AA1E9BE7FC7B92BFF02578DD643928A1B14488F0729F0B762EEE ] C:\Windows\System32\drivers\hidparse.sys
15:58:37.0123 0x0ca8  C:\Windows\System32\drivers\hidparse.sys - ok
15:58:37.0139 0x0ca8  [ 85D8845B7B6A434B7CE35723BF0E5C57, F10026F2F63F4852D9E174E1D4E0345BB5080A20370F7F350F5D5951CD52F5BC ] C:\Windows\System32\drivers\nuvotonhidgeneric.sys
15:58:37.0139 0x0ca8  C:\Windows\System32\drivers\nuvotonhidgeneric.sys - ok
15:58:37.0139 0x0ca8  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] C:\Windows\System32\drivers\cdrom.sys
15:58:37.0139 0x0ca8  C:\Windows\System32\drivers\cdrom.sys - ok
15:58:37.0139 0x0ca8  [ 5961CADB7CAD938368D2028725EF771D, F688F8FF3B2F104295B779749977779BAAF79392965A92B33074B6088168DB46 ] C:\Windows\System32\drivers\hidclass.sys
15:58:37.0139 0x0ca8  C:\Windows\System32\drivers\hidclass.sys - ok
15:58:37.0155 0x0ca8  [ 7F7E5E98CEFED8A10F7E56810EA7B6DF, 7D9F6801B24C96FAE77A50162074EDA4C4470C1E240BDC79ECB6B514E195291C ] C:\Windows\System32\drivers\hidshim.sys
15:58:37.0155 0x0ca8  C:\Windows\System32\drivers\hidshim.sys - ok
15:58:37.0155 0x0ca8  [ 2757D2BA59AEE155209E24942AB127C9, 60C8571D548901A68591F1C7C548B40FA1086D21D23B8CB1083A8AE50760FE87 ] C:\Windows\System32\drivers\NTIDrvr.sys
15:58:37.0155 0x0ca8  C:\Windows\System32\drivers\NTIDrvr.sys - ok
15:58:37.0170 0x0ca8  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] C:\Windows\System32\drivers\wmiacpi.sys
15:58:37.0170 0x0ca8  C:\Windows\System32\drivers\wmiacpi.sys - ok
15:58:37.0170 0x0ca8  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] C:\Windows\System32\drivers\intelppm.sys
15:58:37.0170 0x0ca8  C:\Windows\System32\drivers\intelppm.sys - ok
15:58:37.0170 0x0ca8  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] C:\Windows\System32\drivers\msiscsi.sys
15:58:37.0170 0x0ca8  C:\Windows\System32\drivers\msiscsi.sys - ok
15:58:37.0186 0x0ca8  [ 47E55AFE1ED1D5AFF09690DB226F4A7A, 6D9EF6C4A70BD9C5DD98F70516257C377D97C30AFD4ABA7E1C721D84672C9084 ] C:\Windows\System32\drivers\Storport.sys
15:58:37.0186 0x0ca8  C:\Windows\System32\drivers\Storport.sys - ok
15:58:37.0186 0x0ca8  [ 77937EFF009AC696B90E09F671F9D0A4, EF51316C44529E17B2C09EA06D55B4EF7BCC8B6EB8FEC02DE64005F99AA32C95 ] C:\Windows\System32\drivers\tdi.sys
15:58:37.0186 0x0ca8  C:\Windows\System32\drivers\tdi.sys - ok
15:58:37.0201 0x0ca8  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] C:\Windows\System32\drivers\rasl2tp.sys
15:58:37.0201 0x0ca8  C:\Windows\System32\drivers\rasl2tp.sys - ok
15:58:37.0201 0x0ca8  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] C:\Windows\System32\drivers\ndistapi.sys
15:58:37.0201 0x0ca8  C:\Windows\System32\drivers\ndistapi.sys - ok
15:58:37.0201 0x0ca8  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] C:\Windows\System32\drivers\ndiswan.sys
15:58:37.0201 0x0ca8  C:\Windows\System32\drivers\ndiswan.sys - ok
15:58:37.0217 0x0ca8  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] C:\Windows\System32\drivers\raspppoe.sys
15:58:37.0217 0x0ca8  C:\Windows\System32\drivers\raspppoe.sys - ok
15:58:37.0217 0x0ca8  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] C:\Windows\System32\drivers\raspptp.sys
15:58:37.0217 0x0ca8  C:\Windows\System32\drivers\raspptp.sys - ok
15:58:37.0217 0x0ca8  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] C:\Windows\System32\drivers\rassstp.sys
15:58:37.0217 0x0ca8  C:\Windows\System32\drivers\rassstp.sys - ok
15:58:37.0233 0x0ca8  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] C:\Windows\System32\drivers\termdd.sys
15:58:37.0233 0x0ca8  C:\Windows\System32\drivers\termdd.sys - ok
15:58:37.0233 0x0ca8  [ EF73C1E29FBE7B0FD0274BF4394E346A, F0C0524E6FE2E0EB9230995230868A4FFAA510129B7464BD7DB8AE9C8EAE4CF5 ] C:\Windows\System32\drivers\ks.sys
15:58:37.0233 0x0ca8  C:\Windows\System32\drivers\ks.sys - ok
15:58:37.0233 0x0ca8  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] C:\Windows\System32\drivers\mssmbios.sys
15:58:37.0233 0x0ca8  C:\Windows\System32\drivers\mssmbios.sys - ok
15:58:37.0248 0x0ca8  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] C:\Windows\System32\drivers\swenum.sys
15:58:37.0248 0x0ca8  C:\Windows\System32\drivers\swenum.sys - ok
15:58:37.0248 0x0ca8  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] C:\Windows\System32\drivers\umbus.sys
15:58:37.0248 0x0ca8  C:\Windows\System32\drivers\umbus.sys - ok
15:58:37.0264 0x0ca8  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] C:\Windows\System32\drivers\usbhub.sys
15:58:37.0264 0x0ca8  C:\Windows\System32\drivers\usbhub.sys - ok
15:58:37.0264 0x0ca8  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] C:\Windows\System32\drivers\kbdhid.sys
15:58:37.0264 0x0ca8  C:\Windows\System32\drivers\kbdhid.sys - ok
15:58:37.0264 0x0ca8  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] C:\Windows\System32\drivers\mouhid.sys
15:58:37.0264 0x0ca8  C:\Windows\System32\drivers\mouhid.sys - ok
15:58:37.0279 0x0ca8  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] C:\Windows\System32\drivers\ndproxy.sys
15:58:37.0279 0x0ca8  C:\Windows\System32\drivers\ndproxy.sys - ok
15:58:37.0279 0x0ca8  [ 2A63675F6FA8EF0FF9F5C72695584CAA, 35828A7FF9242EF161639E3B9E6D98EFCFE82D683F7E219FCAEF9F6D9C89007B ] C:\Windows\System32\drivers\drmk.sys
15:58:37.0279 0x0ca8  C:\Windows\System32\drivers\drmk.sys - ok
15:58:37.0295 0x0ca8  [ 6DBA75306DD9B242B6F1C343179AD201, DC20492A07685588E6FE9F7B7AE01CA23EC9315CEA198F3BC58EE1CB6D0A1FD4 ] C:\Windows\System32\drivers\portcls.sys
15:58:37.0295 0x0ca8  C:\Windows\System32\drivers\portcls.sys - ok
15:58:37.0295 0x0ca8  [ 065A51298212455584F1811B033B617E, 74FE455F7415A8D2199C92ED3F3A0190878FDBAFBCA2127D70643A215548AAF3 ] C:\Windows\System32\drivers\RtHDMIV.sys
15:58:37.0295 0x0ca8  C:\Windows\System32\drivers\RtHDMIV.sys - ok
15:58:37.0295 0x0ca8  [ B8716D9677B04B82FA405C8C54954728, 19BD403E268F27E2A50B3619ED87D6553D837456E32C56CB596C0E87A2B4895F ] C:\Windows\System32\drivers\RTKVHDA.sys
15:58:37.0295 0x0ca8  C:\Windows\System32\drivers\RTKVHDA.sys - ok
15:58:37.0311 0x0ca8  [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E, A11CE324DD8E8BDFFDF513429C32D3C16EC79DC9A7517048587759B26BF38583 ] C:\Windows\System32\drivers\HSXHWAZL.sys
15:58:37.0311 0x0ca8  C:\Windows\System32\drivers\HSXHWAZL.sys - ok
15:58:37.0311 0x0ca8  [ 7BC42C65B5C6281777C1A7605B253BA8, 71885EB4E8625450ECA4623466FB3D5437DAABE739A5DC3B5F4CF982A65F8A86 ] C:\Windows\System32\drivers\HSX_DPV.sys
15:58:37.0311 0x0ca8  C:\Windows\System32\drivers\HSX_DPV.sys - ok
15:58:37.0326 0x0ca8  [ 5A77AC34A0FFB70CE8B35B524FEDE9BA, 711DD957AF98F1B835ECE0FEBCCF8FCC7763F1DAA232F1C9E80DE6DA123C7F33 ] C:\Windows\System32\drivers\HSX_CNXT.sys
15:58:37.0326 0x0ca8  C:\Windows\System32\drivers\HSX_CNXT.sys - ok
15:58:37.0326 0x0ca8  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] C:\Windows\System32\drivers\modem.sys
15:58:37.0326 0x0ca8  C:\Windows\System32\drivers\modem.sys - ok
15:58:37.0326 0x0ca8  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] C:\Windows\System32\drivers\fs_rec.sys
15:58:37.0326 0x0ca8  C:\Windows\System32\drivers\fs_rec.sys - ok
15:58:37.0342 0x0ca8  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] C:\Windows\System32\drivers\null.sys
15:58:37.0342 0x0ca8  C:\Windows\System32\drivers\null.sys - ok
15:58:37.0342 0x0ca8  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] C:\Windows\System32\drivers\beep.sys
15:58:37.0342 0x0ca8  C:\Windows\System32\drivers\beep.sys - ok
15:58:37.0342 0x0ca8  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] C:\Windows\System32\drivers\vga.sys
15:58:37.0342 0x0ca8  C:\Windows\System32\drivers\vga.sys - ok
15:58:37.0357 0x0ca8  [ C048D2C33D27441A0CDCAAE2651EB03D, CD7F755400EF36C9EC689480AC425B8A8395F649B2843DE762997524C9B381DF ] C:\Windows\System32\drivers\videoprt.sys
15:58:37.0357 0x0ca8  C:\Windows\System32\drivers\videoprt.sys - ok
15:58:37.0357 0x0ca8  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] C:\Windows\System32\drivers\RDPCDD.sys
15:58:37.0357 0x0ca8  C:\Windows\System32\drivers\RDPCDD.sys - ok
15:58:37.0373 0x0ca8  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] C:\Windows\System32\drivers\RDPENCDD.sys
15:58:37.0373 0x0ca8  C:\Windows\System32\drivers\RDPENCDD.sys - ok
15:58:37.0373 0x0ca8  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] C:\Windows\System32\drivers\msfs.sys
15:58:37.0373 0x0ca8  C:\Windows\System32\drivers\msfs.sys - ok
15:58:37.0373 0x0ca8  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] C:\Windows\System32\drivers\npfs.sys
15:58:37.0373 0x0ca8  C:\Windows\System32\drivers\npfs.sys - ok
15:58:37.0389 0x0ca8  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] C:\Windows\System32\drivers\rasacd.sys
15:58:37.0389 0x0ca8  C:\Windows\System32\drivers\rasacd.sys - ok
15:58:37.0389 0x0ca8  [ 73594DBC99E22958150192EE99BC48CE, 17570927771E8A0ACD3AEA7C55054956B786AC47CDA642D85B4EFD0BE524450D ] C:\Windows\System32\drivers\FWPKCLNT.SYS
15:58:37.0389 0x0ca8  C:\Windows\System32\drivers\FWPKCLNT.SYS - ok
15:58:37.0404 0x0ca8  [ A4196D394207369E1431E8681B373312, BEF96BAB70FDF94F8CB2942BDEA9B4D934443E5305E3FD737809C3F7524B1E8E ] C:\Windows\System32\drivers\tcpip.sys
15:58:37.0404 0x0ca8  C:\Windows\System32\drivers\tcpip.sys - ok
15:58:37.0404 0x0ca8  [ 7F9B01CE297EF4D54C5C4D736D22CF96, 7B13DE8346FE8218CA1D3ECFBD610B0292606318BA863D2C0941B6D3F55FB788 ] C:\Windows\System32\drivers\avgfwd6x.sys
15:58:37.0404 0x0ca8  C:\Windows\System32\drivers\avgfwd6x.sys - ok
15:58:37.0404 0x0ca8  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] C:\Windows\System32\drivers\tdx.sys
15:58:37.0404 0x0ca8  C:\Windows\System32\drivers\tdx.sys - ok
15:58:37.0420 0x0ca8  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] C:\Windows\System32\drivers\smb.sys
15:58:37.0420 0x0ca8  C:\Windows\System32\drivers\smb.sys - ok
15:58:37.0420 0x0ca8  [ 5A22A7A67BFB67D3223B7A339FC97780, 1DADB75B30665866FC93DADDC1EC9F612CD8CE5EC8582BCAF2A527FFDAFF8DBE ] C:\Windows\System32\drivers\avgtdix.sys
15:58:37.0420 0x0ca8  C:\Windows\System32\drivers\avgtdix.sys - ok
15:58:37.0420 0x0ca8  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] C:\Windows\System32\drivers\netbt.sys
15:58:37.0420 0x0ca8  C:\Windows\System32\drivers\netbt.sys - ok
15:58:37.0435 0x0ca8  [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] C:\Windows\System32\drivers\afd.sys
15:58:37.0435 0x0ca8  C:\Windows\System32\drivers\afd.sys - ok
15:58:37.0435 0x0ca8  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] C:\Windows\System32\drivers\usbccgp.sys
15:58:37.0435 0x0ca8  C:\Windows\System32\drivers\usbccgp.sys - ok
15:58:37.0451 0x0ca8  [ FE619ED13CE12F5B43C04E3EA061BBD6, DDED6F0C5987CCF81AC1FA8C670D84153C8F7A3492C4139B273DA7F8C98BE55A ] C:\Windows\System32\drivers\usbd.sys
15:58:37.0451 0x0ca8  C:\Windows\System32\drivers\usbd.sys - ok
15:58:37.0451 0x0ca8  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] C:\Windows\System32\drivers\ws2ifsl.sys
15:58:37.0451 0x0ca8  C:\Windows\System32\drivers\ws2ifsl.sys - ok
15:58:37.0451 0x0ca8  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] C:\Windows\System32\drivers\pacer.sys
15:58:37.0451 0x0ca8  C:\Windows\System32\drivers\pacer.sys - ok
15:58:37.0467 0x0ca8  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] C:\Windows\System32\drivers\netbios.sys
15:58:37.0467 0x0ca8  C:\Windows\System32\drivers\netbios.sys - ok
15:58:37.0467 0x0ca8  [ 73FF24E21B690625A58109637DDA0DF7, 62B1F9CD82678E2110D4BB5CC86EE8A7AB0757681443916620B6AAA1EF0DECEB ] C:\Windows\System32\drivers\usbvideo.sys
15:58:37.0467 0x0ca8  C:\Windows\System32\drivers\usbvideo.sys - ok
15:58:37.0482 0x0ca8  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] C:\Windows\System32\drivers\wanarp.sys
15:58:37.0482 0x0ca8  C:\Windows\System32\drivers\wanarp.sys - ok
15:58:37.0482 0x0ca8  [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
15:58:37.0482 0x0ca8  C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS - ok
15:58:37.0482 0x0ca8  [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] C:\Program Files\SUPERAntiSpyware\sasdifsv.sys
15:58:37.0482 0x0ca8  C:\Program Files\SUPERAntiSpyware\sasdifsv.sys - ok
15:58:37.0498 0x0ca8  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] C:\Windows\System32\drivers\nsiproxy.sys
15:58:37.0498 0x0ca8  C:\Windows\System32\drivers\nsiproxy.sys - ok
15:58:37.0498 0x0ca8  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] C:\Windows\System32\drivers\rdbss.sys
15:58:37.0498 0x0ca8  C:\Windows\System32\drivers\rdbss.sys - ok
15:58:37.0498 0x0ca8  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] C:\Windows\System32\drivers\dfsc.sys
15:58:37.0498 0x0ca8  C:\Windows\System32\drivers\dfsc.sys - ok
15:58:37.0513 0x0ca8  [ 9AFD535116E986D49877B811F3665E8E, 6843415ED638BB26A17BE9AB7A49D36070A588088256D4D0D1B4789FBDA6730B ] C:\Windows\System32\drivers\avgldx86.sys
15:58:37.0513 0x0ca8  C:\Windows\System32\drivers\avgldx86.sys - ok
15:58:37.0513 0x0ca8  [ 8DAB5975B5C7923D61506A48E251DBAD, 34C197BDBFEB676ED7C0262E27EF9190E684A47E4DBFDFA889958966406F9862 ] C:\Windows\System32\drivers\RTSTOR.sys
15:58:37.0513 0x0ca8  C:\Windows\System32\drivers\RTSTOR.sys - ok
15:58:37.0513 0x0ca8  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] C:\Windows\System32\drivers\hidusb.sys
15:58:37.0513 0x0ca8  C:\Windows\System32\drivers\hidusb.sys - ok
15:58:37.0529 0x0ca8  [ 2429F7F025F63532B6B264D97E4ECA49, EDE2C88B3B4B2A3AC59A3AB0B2FEC1D2CC75AA8AFFF0F5011D07AB4F053390D9 ] C:\Windows\System32\drivers\avgidsshimx.sys
15:58:37.0529 0x0ca8  C:\Windows\System32\drivers\avgidsshimx.sys - ok
15:58:37.0529 0x0ca8  [ EB1AA821F99D5D2DA05511AE8D4704C4, 68AE41B7DA35200B24E27733DC05D9DA1F2D4C98524531AB8F1BD2AB4AFC831C ] C:\Windows\System32\drivers\avgidsdriverx.sys
15:58:37.0529 0x0ca8  C:\Windows\System32\drivers\avgidsdriverx.sys - ok
15:58:37.0545 0x0ca8  [ CB2C2B24BD7E64CFB2B24D401FF5BBC0, F48ABD9F5BF91BF5F25E6D5EE02647F7DD8E1C1A11FEEE2C1C1B3BD34E3D0F85 ] C:\Windows\System32\drivers\avgdiskx.sys
15:58:37.0545 0x0ca8  C:\Windows\System32\drivers\avgdiskx.sys - ok
15:58:37.0545 0x0ca8  [ B9FDFF876B0E7B4FECBAA5708C6ED616, 588B9677758DB19186ABE59D256D7E7CF224CA1923A60E37BFBDD03E8DAB9DB7 ] C:\Windows\System32\ntdll.dll
15:58:37.0545 0x0ca8  C:\Windows\System32\ntdll.dll - ok
15:58:37.0545 0x0ca8  [ B5C66E0B251D954D6CED30E4FDB07792, F5A8CDDB633EA18DD161492A0B34239D10B94DE881EEAB883833E67E840C3267 ] C:\Windows\System32\smss.exe
15:58:37.0545 0x0ca8  C:\Windows\System32\smss.exe - ok
15:58:37.0560 0x0ca8  [ 10761177A6EBE45843F443E99509F5E7, BB51065931E61EDBC920924D96B502D46E2967FFAFCE589171FC0D3AD43463CB ] C:\Windows\System32\autochk.exe
15:58:37.0560 0x0ca8  C:\Windows\System32\autochk.exe - ok
15:58:37.0560 0x0ca8  [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB861B2B3BA4C5B9 ] C:\Windows\System32\drivers\fastfat.sys
15:58:37.0560 0x0ca8  C:\Windows\System32\drivers\fastfat.sys - ok
15:58:37.0560 0x0ca8  [ 55CEF8FE478E41C8EBCF7B27AF991A3F, 2527C2AAF7FF599CE91BF047017941C388B81836EE11F28948940AE0F97AAA05 ] C:\Windows\System32\sdnclean.exe
15:58:37.0560 0x0ca8  C:\Windows\System32\sdnclean.exe - ok
15:58:37.0576 0x0ca8  [ 22167BB39BF4B08931A9794A34E2E6AA, 4E8B4DF3362DAFC7F4BC88C78AF719A496FAB8931C35AD66E71001F084674589 ] C:\PROGRA~1\AVG\AVG2015\avgrsx.exe
15:58:37.0576 0x0ca8  C:\PROGRA~1\AVG\AVG2015\avgrsx.exe - ok
15:58:37.0576 0x0ca8  [ 37EC88CB7D4847FD7FC702A83B33ED8E, E47DECF63A158CAB111333F62B8A6DC8BA0C529422E48C624E80A662CBA14A81 ] C:\Program Files\AVG\AVG2015\avglogx.dll
15:58:37.0576 0x0ca8  C:\Program Files\AVG\AVG2015\avglogx.dll - ok
15:58:37.0591 0x0ca8  [ 288834FA40E87654DBA52B8E5328B963, E1C5F9546D412D6FF73F08130899D50B013E817A0DA1A4BA92338DAA576B7E0A ] C:\Program Files\AVG\AVG2015\avgsysx.dll
15:58:37.0591 0x0ca8  C:\Program Files\AVG\AVG2015\avgsysx.dll - ok
15:58:37.0591 0x0ca8  [ 34BA4127ED422453BE5D91734BC1AD70, 6C74EA2D59761F66D2CC5F16D7C712C7973CD29470F2456B2F6DE2DF71883B8E ] C:\Program Files\AVG\AVG2015\avgcmlx.dll
15:58:37.0591 0x0ca8  C:\Program Files\AVG\AVG2015\avgcmlx.dll - ok
15:58:37.0591 0x0ca8  [ 6E1ACED1C7557393B631A807172E915D, D72222F931D7B5B76FAAAAFA210675C182269B6B65585E463F3656CBF5C3B317 ] C:\Program Files\AVG\AVG2015\avgntopensslx.dll
15:58:37.0591 0x0ca8  C:\Program Files\AVG\AVG2015\avgntopensslx.dll - ok
15:58:37.0607 0x0ca8  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] C:\Windows\System32\drivers\cdfs.sys
15:58:37.0607 0x0ca8  C:\Windows\System32\drivers\cdfs.sys - ok
15:58:37.0607 0x0ca8  [ 79B3F1709A548D73090F7A577AD10188, 3EDA843B36543C4FECB51FB8FEC41034C8078715C805E5A3A42E8E7E848B7A53 ] C:\PROGRA~1\AVG\AVG2015\avgchjwx.dll
15:58:37.0607 0x0ca8  C:\PROGRA~1\AVG\AVG2015\avgchjwx.dll - ok
15:58:37.0607 0x0ca8  [ FA967CC55C8B3E66DE63C559FD2F4ACB, F733BD619FCC9264BC839A08234FCE4ACD9BDF3CBE17572ADAC7EB635FEA0DA5 ] C:\PROGRA~1\AVG\AVG2015\avgclitx.dll
15:58:37.0607 0x0ca8  C:\PROGRA~1\AVG\AVG2015\avgclitx.dll - ok
15:58:37.0623 0x0ca8  [ 1D4E80C7EE2FFCA7F158063BB182273E, ABC214DCFA152EBA009C9A379FA980878AA1FAAFBAC52521C1EE4178F6C0BEB9 ] C:\PROGRA~1\AVG\AVG2015\avgdetallocatorx.dll
15:58:37.0623 0x0ca8  C:\PROGRA~1\AVG\AVG2015\avgdetallocatorx.dll - ok
15:58:37.0623 0x0ca8  [ 47FB0BFB034F125C186024F07C8EF825, F0F2B54329BC6D4E7A03EF82939BD295EF2BA0D89C700C6CD698BBC93CFF711B ] C:\PROGRA~1\AVG\AVG2015\avgcclix.dll
15:58:37.0623 0x0ca8  C:\PROGRA~1\AVG\AVG2015\avgcclix.dll - ok
15:58:37.0638 0x0ca8  [ FD7857769B15CC394E0735E3F4EF196F, A79B8EEB46D7528A15D134E8DEA976C7C6CE2D5943D92E55FAB69FF199D71019 ] C:\Program Files\AVG\AVG2015\avgcsrvx.exe
15:58:37.0638 0x0ca8  C:\Program Files\AVG\AVG2015\avgcsrvx.exe - ok
15:58:37.0638 0x0ca8  [ D3CDBAAC8D499FB2A684085961634C59, 1BE5F0C9171434CDD9C090D1A5DD224EAFD9DF19ECCB70F3607C943685E61FBA ] C:\Program Files\AVG\AVG2015\avgcorex.dll
15:58:37.0638 0x0ca8  C:\Program Files\AVG\AVG2015\avgcorex.dll - ok
15:58:37.0638 0x0ca8  [ B736DD61B556B8E5D1017971A6B833CB, 252DABE3F79C0685BCF085E047D41D4D754771113675717F88672C56EE10EEC5 ] C:\Program Files\AVG\AVG2015\avgcertx.dll
15:58:37.0638 0x0ca8  C:\Program Files\AVG\AVG2015\avgcertx.dll - ok
15:58:37.0654 0x0ca8  [ 0D0544738D09FCFC60B3C5A728AC6728, 96AE11E5965617CE14998F1A50DCE79F5804CCD11DD9DB18DB74098D46902501 ] C:\Program Files\AVG\AVG2015\avgchclx.dll
15:58:37.0654 0x0ca8  C:\Program Files\AVG\AVG2015\avgchclx.dll - ok
15:58:37.0654 0x0ca8  [ 5B0DA5ED1D1869DD5ACF134B5C616F2D, 73D0323C867656D0458DE1337C8E0E8DC725C7F4F5167CEA92BC32BE49BCA472 ] C:\Program Files\AVG\AVG2015\avgpsicx.dll
15:58:37.0654 0x0ca8  C:\Program Files\AVG\AVG2015\avgpsicx.dll - ok
15:58:37.0669 0x0ca8  [ 6A68C1491C7139ADA5A6B6818586A25E, 783FC426846B6925D03795D2EBFFE4BD55A065A05A36EF47185387D7A74F7A72 ] C:\Program Files\AVG\AVG2015\avgntsqlitex.dll
15:58:37.0669 0x0ca8  C:\Program Files\AVG\AVG2015\avgntsqlitex.dll - ok
15:58:37.0669 0x0ca8  [ 48EA6FF1B58A50BB249D2AA9E29B7AAB, FD0B7C14143C5AB53575EEBCDA28F180AEF3FC08D201FF5933187B2D73AB2DDC ] C:\Program Files\AVG\AVG2015\avgcommx.dll
15:58:37.0669 0x0ca8  C:\Program Files\AVG\AVG2015\avgcommx.dll - ok
15:58:37.0669 0x0ca8  [ E5315746C4E4851BCB256F15C16D5F91, 6B6D0DF4C79F4DD6E5328F9DB25F0D1A9ABA52A2AB15E1DE18B0ABC23A364CFA ] C:\Windows\System32\iertutil.dll
15:58:37.0669 0x0ca8  C:\Windows\System32\iertutil.dll - ok
15:58:37.0685 0x0ca8  [ C8BDCECEE082B54F0BAC838BF0A34597, 8C451FA2BA8E38D83E50EBF1D9F56FCBCBC7E2C6898C15254FE9F337F279E0C1 ] C:\Windows\System32\imm32.dll
15:58:37.0685 0x0ca8  C:\Windows\System32\imm32.dll - ok
15:58:37.0685 0x0ca8  [ 9852A1B92487147563D83B638F1E8D37, 31A3010FC59F9D028C4520A5D12FFDD6F0CBC987247D39818FAA60A6B029A855 ] C:\Windows\System32\gdi32.dll
15:58:37.0685 0x0ca8  C:\Windows\System32\gdi32.dll - ok
15:58:37.0685 0x0ca8  [ 09EA40F4DAD2EDB3587E5E0BAA9C3E15, 45EDA279BD838BD65702762E4EFEDA8F4178F9478E21678B8C75D1AA4015906E ] C:\Windows\System32\imagehlp.dll
15:58:37.0685 0x0ca8  C:\Windows\System32\imagehlp.dll - ok
15:58:37.0701 0x0ca8  [ 75510147B94598407666F4802797C75A, D9F989669EB0AAF384AA5462DD632999BF9C5A6BDB75C4F8857A6E9BDBE82B64 ] C:\Windows\System32\user32.dll
15:58:37.0701 0x0ca8  C:\Windows\System32\user32.dll - ok
15:58:37.0701 0x0ca8  [ 4AA2A0E26CEF1A803741253DCF9A1503, 8718BF6DC8678BDC5AF627F82D14E2D857D94A760529FF00F1D7B066F46CA832 ] C:\Windows\System32\comdlg32.dll
15:58:37.0701 0x0ca8  C:\Windows\System32\comdlg32.dll - ok
15:58:37.0716 0x0ca8  [ A64AEBC6C78B4CFD7F41A7277879DF8F, 2283E1D5D5ACF66B6C71A7755577F0A03DB5FC213E5D7DB067C9B7B6E805C202 ] C:\Windows\System32\nsi.dll
15:58:37.0716 0x0ca8  C:\Windows\System32\nsi.dll - ok
15:58:37.0716 0x0ca8  [ 2BF660554AD726BD43869E2A452B547F, 2F5A29132316EA9395E84CC5C3561F05486F7BCC455758F3F7A1DC8F62839074 ] C:\Windows\System32\shell32.dll
15:58:37.0716 0x0ca8  C:\Windows\System32\shell32.dll - ok
15:58:37.0716 0x0ca8  [ 6F29236AB5926100972924BD29D9D225, E8B517FC36F25C4AE07021473B0BCDCDDD4B6E3FE004E6B0AD449C030267674C ] C:\Windows\System32\normaliz.dll
15:58:37.0716 0x0ca8  C:\Windows\System32\normaliz.dll - ok
15:58:37.0732 0x0ca8  [ 6293D025E82071B9424877E30B6AC1C8, 88A7BFACC73D242E462070573065A1AB6899AF84C1D33E09A6420C7A6E0BD47B ] C:\Windows\System32\wininet.dll
15:58:37.0732 0x0ca8  C:\Windows\System32\wininet.dll - ok
15:58:37.0732 0x0ca8  [ 551F51B66E5EA87A38D8197EB3BDB57A, 2006D0418848EAA2361C26D18246D0BAA646B6F25F2C0035BDC82967E9BD73F1 ] C:\Windows\System32\setupapi.dll
15:58:37.0732 0x0ca8  C:\Windows\System32\setupapi.dll - ok
15:58:37.0732 0x0ca8  [ 695DB97B018FB06F693F37108322AA1E, 20F438F5B143944DEA74D77851AB7668893A816B1E43ED87273E1EECDB8B7704 ] C:\Windows\System32\kernel32.dll
15:58:37.0732 0x0ca8  C:\Windows\System32\kernel32.dll - ok
15:58:37.0747 0x0ca8  [ B8A609FB5EFB4E44FC1355B1C01C64BC, BB84036F8F16C6E2069FD8B18078A7E6CC98B513285FB1A8DC727B395C9E3A12 ] C:\Windows\System32\Wldap32.dll
15:58:37.0747 0x0ca8  C:\Windows\System32\Wldap32.dll - ok
15:58:37.0747 0x0ca8  [ EB0E02749CE5C488741C9A0ABEAB5DEC, 558C6304AFD4DA12F8976F699E39D6C1749F28A2AD4308B1C9E6D56288405FBD ] C:\Windows\System32\lpk.dll
15:58:37.0747 0x0ca8  C:\Windows\System32\lpk.dll - ok
15:58:37.0763 0x0ca8  [ 17AF64D727545F2804F6E6D998327E3F, CAD50C5321BF522CA6CA74662D032A98705ADD04A8BE38576B8EF0B8CE6DBA8A ] C:\Windows\System32\msvcrt.dll
15:58:37.0763 0x0ca8  C:\Windows\System32\msvcrt.dll - ok
15:58:37.0763 0x0ca8  [ 50CAA7072C171B9887215C83D52069E4, AA1961787F24A6AFF9DD5D0A6110686EA654595D2EB941F5DA702498A662880D ] C:\Windows\System32\advapi32.dll
15:58:37.0763 0x0ca8  C:\Windows\System32\advapi32.dll - ok
15:58:37.0763 0x0ca8  [ 9586E7CB2255A8B097A7E4538202585E, 7A65B6268940279D77CE08D695306150A8F8DD9A6878D2A322799AC576960C6B ] C:\Windows\System32\ole32.dll
15:58:37.0763 0x0ca8  C:\Windows\System32\ole32.dll - ok
15:58:37.0779 0x0ca8  [ 0D8FBC644E556C40E06B7EB25A73F6E5, F8A76BA441755F63D53DEECDDE3B5D0D52A5A9BAAD33C0DFF807265C33D5F39D ] C:\Windows\System32\oleaut32.dll
15:58:37.0779 0x0ca8  C:\Windows\System32\oleaut32.dll - ok
15:58:37.0779 0x0ca8  [ E389C328AC7FE5673593ECAD269E7A54, 4EACF7F293D736941BC9F1FA5E70C11EF55CCF74664ECDEF56DA53BA043C0C38 ] C:\Windows\System32\rpcrt4.dll
15:58:37.0779 0x0ca8  C:\Windows\System32\rpcrt4.dll - ok
15:58:37.0779 0x0ca8  [ 420B075CD71AB9E58D15DD258958FBA3, EDD96EDD4D3F1C05E34C769F9C4A1D966DA9B51A3B01CF25E9C5E30281E01AE2 ] C:\Windows\System32\shlwapi.dll
15:58:37.0779 0x0ca8  C:\Windows\System32\shlwapi.dll - ok
15:58:37.0794 0x0ca8  [ 58C6BC3102CB0E8E90C90C1637BACB50, B3370B1C7F6EE97C24F0C4FF55A746A632AC3B272BCA2C54AB0E8ECFEC2297F6 ] C:\Windows\System32\urlmon.dll
15:58:37.0794 0x0ca8  C:\Windows\System32\urlmon.dll - ok
15:58:37.0794 0x0ca8  [ FB3E5FD7F74BFC301AD3FB7DE670EDCB, 286EB6EA24FC2A29FE8ABBE84DDEDB1B1061ACA2C6CE2D3975CD55C477CD6944 ] C:\Windows\System32\usp10.dll
15:58:37.0794 0x0ca8  C:\Windows\System32\usp10.dll - ok
15:58:37.0794 0x0ca8  [ C394079EB162E812D682C73FA96AF6E4, 639F482DBC82E1E8E7254A5F6FF0F60661EA4BE44D86CA13238913DABFA522F8 ] C:\Windows\System32\clbcatq.dll
15:58:37.0794 0x0ca8  C:\Windows\System32\clbcatq.dll - ok
15:58:37.0810 0x0ca8  [ B304D47D5744BA20FCB99FB8B2C07B0B, 16AAD9264CAB5B5489E2CF8F118132EA46FE9066B4C4320C0259BE88EBD111C8 ] C:\Windows\System32\ws2_32.dll
15:58:37.0810 0x0ca8  C:\Windows\System32\ws2_32.dll - ok
15:58:37.0810 0x0ca8  [ 259F6A6294AF75E74F93F480E05F264A, C6E4023B8DC007BAA3059F40A9FC22746A25C3163A4E3445570E1C7FFDED95ED ] C:\Windows\System32\msctf.dll
15:58:37.0810 0x0ca8  C:\Windows\System32\msctf.dll - ok
15:58:37.0825 0x0ca8  [ 58035212AB7869A5FC3AF186ACBA8F09, BCBEE41B2E65560A71D9D9199C0F8D7657085EEE4F73CD2F04D0474823ED4200 ] C:\Windows\System32\comctl32.dll
15:58:37.0825 0x0ca8  C:\Windows\System32\comctl32.dll - ok
15:58:37.0825 0x0ca8  [ 93A1732F7F997E36A5C3893539E2FF02, 40B6F7A67F90E5D9948385418BD22BBD29DE86A151B35D1001081A61CA5FC612 ] C:\Windows\System32\psapi.dll
15:58:37.0825 0x0ca8  C:\Windows\System32\psapi.dll - ok
15:58:37.0825 0x0ca8  [ EAAAFEF04FBB45665C9576E525D45A12, 3472378C4E150B158B1C4E16760E278B0564BA10563D2CB181EFD17091056D87 ] C:\Windows\System32\drivers\dxapi.sys
15:58:37.0825 0x0ca8  C:\Windows\System32\drivers\dxapi.sys - ok
15:58:37.0841 0x0ca8  [ 9F0BF29BB9D6E77C6F909412FB052F1D, B2D58524B00D9ECEA076580447DA021B8DAE013E8D18E96B2AD9E148CF525EEE ] C:\Windows\System32\win32k.sys
15:58:37.0841 0x0ca8  C:\Windows\System32\win32k.sys - ok
15:58:37.0841 0x0ca8  [ ABCA209EBA02CB59233614DB83B4F50D, CF48E43B33B14234F5004F9F3BF0D973B17A501108F39FB42CF9548FD2124960 ] C:\Windows\System32\csrss.exe
15:58:37.0841 0x0ca8  C:\Windows\System32\csrss.exe - ok
15:58:37.0841 0x0ca8  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\System32\basesrv.dll
15:58:37.0841 0x0ca8  C:\Windows\System32\basesrv.dll - ok
15:58:37.0857 0x0ca8  [ D9DD1D278927A9CD5FF135887928C8EC, D73608187294AC1CFCF20D2E6E133FC15E145C2090745E4AD3473557AFA5B2CA ] C:\Windows\System32\csrsrv.dll
15:58:37.0857 0x0ca8  C:\Windows\System32\csrsrv.dll - ok
15:58:37.0857 0x0ca8  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\System32\winsrv.dll
15:58:37.0857 0x0ca8  C:\Windows\System32\winsrv.dll - ok
15:58:37.0857 0x0ca8  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] C:\Windows\System32\drivers\monitor.sys
15:58:37.0857 0x0ca8  C:\Windows\System32\drivers\monitor.sys - ok
15:58:37.0872 0x0ca8  [ CC21507D246861671A0BF97E75CE1B00, C36089B27D80F4FFD208A807310413DE3DCC7850F14D1B56F97670CC10F5566D ] C:\Windows\System32\tsddd.dll
15:58:37.0872 0x0ca8  C:\Windows\System32\tsddd.dll - ok
15:58:37.0872 0x0ca8  [ 101BA3EA053480BB5D957EF37C06B5ED, 9A02771DA9C226552A1766C2DD0295ECA8B5B80AAE13076FFCE6A806FA5C21B8 ] C:\Windows\System32\wininit.exe
15:58:37.0872 0x0ca8  C:\Windows\System32\wininit.exe - ok
15:58:37.0888 0x0ca8  [ D602FEDBD9155FC2DED6863FB60C950F, 5EADF6A70F3BB8CCF758AD645C96AF4034D7E8EEFE44C5008499809C510691EE ] C:\Windows\System32\secur32.dll
15:58:37.0888 0x0ca8  C:\Windows\System32\secur32.dll - ok
15:58:37.0888 0x0ca8  [ 665417528489096BBCB8AEA46D3DA924, BB0D895B481EFA6ED024C979238F5F482DF0A53912575A47EB4E9C643919112A ] C:\Windows\System32\userenv.dll
15:58:37.0888 0x0ca8  C:\Windows\System32\userenv.dll - ok
15:58:37.0888 0x0ca8  [ EA818A6DE0BD0A290D001FFABAFFF6EF, 7C5363FFE349E0B09CA970E0FFE91B5B17AF195D7D60B8377805622C0EE5ADC7 ] C:\Windows\System32\KBDGR.DLL
15:58:37.0888 0x0ca8  C:\Windows\System32\KBDGR.DLL - ok
15:58:37.0903 0x0ca8  [ 12C8D6C564702B0776512932290A3F6B, D7AC82B7307694B6FDB3AC08C83C415005DFA26FD92D3AA3043B3600984792DA ] C:\Windows\System32\KBDUS.DLL
15:58:37.0903 0x0ca8  C:\Windows\System32\KBDUS.DLL - ok
15:58:37.0903 0x0ca8  [ BE6FAC6F0745C67DAE7522C96406D083, 5FBDE0193F6C6752C8BAB88D945F536D1259B3290073FE73E97FD4D9603D9AD6 ] C:\Windows\System32\sxs.dll
15:58:37.0903 0x0ca8  C:\Windows\System32\sxs.dll - ok
15:58:37.0903 0x0ca8  [ 92283D9E33EC5F41ECC0B430B7459241, 9BE390D924438950025842667924819E6EB1E821893C9EFE5E06AB30CBD037BF ] C:\Windows\System32\WlS0WndH.dll
15:58:37.0903 0x0ca8  C:\Windows\System32\WlS0WndH.dll - ok
15:58:37.0919 0x0ca8  [ 1107BD574A84367735FEC38B9BD64E6B, 682D5372B533817C810F1DCB1C7AE42C44A786ED114601E56DF85FE1C41D5989 ] C:\Windows\System32\apphelp.dll
15:58:37.0919 0x0ca8  C:\Windows\System32\apphelp.dll - ok
15:58:37.0919 0x0ca8  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\System32\services.exe
15:58:37.0919 0x0ca8  C:\Windows\System32\services.exe - ok
15:58:37.0935 0x0ca8  [ 4774AD6C447E02E954BD9A793614EBEC, 7BA75A26DA67FD10BB3E0A2404A7319F8D8938B0330BA0978A9E21EBC8CD9BA4 ] C:\Windows\System32\lsm.exe
15:58:37.0935 0x0ca8  C:\Windows\System32\lsm.exe - ok
15:58:37.0935 0x0ca8  [ 1AE011BB950A5E0B05023D2AFEC3666D, 4602DB22B7D1643780DBE7A34A4887C119A0516C65E4063A9C2074CF39A495DC ] C:\Windows\System32\authz.dll
15:58:37.0935 0x0ca8  C:\Windows\System32\authz.dll - ok
15:58:37.0935 0x0ca8  [ 98B656EAF128CD06F625B09C84D959E1, 3E6502E629F15E697A813FC56A9B1F13F5A6F3D0C20550AB3459B2507F868156 ] C:\Windows\System32\netapi32.dll
15:58:37.0935 0x0ca8  C:\Windows\System32\netapi32.dll - ok
15:58:37.0950 0x0ca8  [ 735B1EB4521724784A6C142CE923DBFC, 2C289D400C34406B6FC2B8FFDEDA7FA936D9AE018231F3E16EF32640B13EBB91 ] C:\Windows\System32\scesrv.dll
15:58:37.0950 0x0ca8  C:\Windows\System32\scesrv.dll - ok
15:58:37.0950 0x0ca8  [ 2FA16465F64DB54B1F7F511395EB4FD7, 9BC7865CC2EC9CE08E2848F8E8FB9E73715858A31243CB280C317578DDD97EDA ] C:\Windows\System32\ncobjapi.dll
15:58:37.0950 0x0ca8  C:\Windows\System32\ncobjapi.dll - ok
15:58:37.0966 0x0ca8  [ 31F57ACBE76A0E17976E18614DE58399, F4EF3099DD1B736B65808CB6D6A1EEEAB04530347093486E55E548C0DA2BAF4A ] C:\Windows\System32\cdd.dll
15:58:37.0966 0x0ca8  C:\Windows\System32\cdd.dll - ok
15:58:37.0966 0x0ca8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] C:\Windows\System32\lsass.exe
15:58:37.0966 0x0ca8  C:\Windows\System32\lsass.exe - ok
15:58:37.0966 0x0ca8  [ 71F5A7104FDF16C0AC5283A6CE666553, 481D688B87CC4155FB98AEB816B5F331F2EC8A1B409B01BA270A67660CE9564A ] C:\Windows\System32\sysntfy.dll
15:58:37.0966 0x0ca8  C:\Windows\System32\sysntfy.dll - ok
15:58:37.0981 0x0ca8  [ F0321DA5203F1E71917F3B7A13DC4912, 2F40733CBDD6491DAA3182AFDB3CA9FBAE5C3EE15CD9FCFF20E2D74E98CA374F ] C:\Windows\System32\wmsgapi.dll
15:58:37.0981 0x0ca8  C:\Windows\System32\wmsgapi.dll - ok
15:58:37.0981 0x0ca8  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] C:\Windows\System32\aelupsvc.dll
15:58:37.0981 0x0ca8  C:\Windows\System32\aelupsvc.dll - ok
15:58:37.0981 0x0ca8  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] C:\Windows\System32\alg.exe
15:58:37.0981 0x0ca8  C:\Windows\System32\alg.exe - ok
15:58:37.0997 0x0ca8  [ 0C96812AAEDA38C89DC6C3F0AE7B6930, E3290C7B9A9C0DB34C3F65BD804D496EEA2DB91D3E46FBC2ABE364D7BC816FDD ] C:\Windows\System32\lsasrv.dll
15:58:37.0997 0x0ca8  C:\Windows\System32\lsasrv.dll - ok
15:58:37.0997 0x0ca8  [ 459B48188494490707DCA8BAA91AA185, E108A46F446A273BF118A73D4790FC85D49D6CE8ECC581AAEB942A1558D21327 ] C:\Windows\System32\cryptdll.dll
15:58:37.0997 0x0ca8  C:\Windows\System32\cryptdll.dll - ok
15:58:38.0013 0x0ca8  [ 7808BF0E367ED7348808879CEF482AB3, BAC633E351F0A2CF69C288E7CD983ED5986FE0CC180BF769A5C2EB5F8CABBE8A ] C:\Windows\System32\samsrv.dll
15:58:38.0013 0x0ca8  C:\Windows\System32\samsrv.dll - ok
15:58:38.0013 0x0ca8  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] C:\Windows\System32\appinfo.dll
15:58:38.0013 0x0ca8  C:\Windows\System32\appinfo.dll - ok
15:58:38.0028 0x0ca8  [ 85E861D0B88DB2B54ACB0839654C09F7, 751E4F1F282C3798712AFF551D1525D5D65B5E8229689862AAB0BBDCC35A5925 ] C:\Windows\System32\dnsapi.dll
15:58:38.0028 0x0ca8  C:\Windows\System32\dnsapi.dll - ok
15:58:38.0028 0x0ca8  [ EE2FF9A3FC4404234BE3B7C6AA383AF8, 51BF3C48BE9BF81A800EF5B247E03C78980B3FFFF37688C42C0F253351EEF4C1 ] C:\Windows\System32\msasn1.dll
15:58:38.0028 0x0ca8  C:\Windows\System32\msasn1.dll - ok
15:58:38.0028 0x0ca8  [ 7F0F1D4B0D847696F8E309423D227DCE, 4460A2E8B27EB74E951DF328DABFC6C905DD1538D2F2BEE59B2FDA05482CE9F7 ] C:\Windows\System32\ntdsapi.dll
15:58:38.0028 0x0ca8  C:\Windows\System32\ntdsapi.dll - ok
15:58:38.0044 0x0ca8  [ 453DE2958C885527E20C79A3FEFE6AF7, AC40DC0D1224A2F6FAA1A3396345371CAE7312C6D7EF0923602B2E89ED22BA2B ] C:\Windows\System32\samlib.dll
15:58:38.0044 0x0ca8  C:\Windows\System32\samlib.dll - ok
15:58:38.0044 0x0ca8  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] C:\Windows\System32\audiosrv.dll
15:58:38.0044 0x0ca8  C:\Windows\System32\audiosrv.dll - ok
15:58:38.0044 0x0ca8  [ 965AC9FBF2C67231C157E99C03C58D24, 732E6307AE0C8916F47CB0E74562C7991CF44D5656C5E071D3FBDF31EA734409 ] C:\Windows\System32\feclient.dll
15:58:38.0044 0x0ca8  C:\Windows\System32\feclient.dll - ok
15:58:38.0059 0x0ca8  [ 1F94EA31C9543B855F53BDAC7792DA4E, 3697D031632C47FC5AAB4208C05A7C4098DF390103CFDE99A512F685AD057F40 ] C:\Windows\System32\mpr.dll
15:58:38.0059 0x0ca8  C:\Windows\System32\mpr.dll - ok
15:58:38.0059 0x0ca8  [ 3464DAE0E801F5A81A23C571D86F30B2, A5C0256618215A96BC8CB68357E5278DBF01C3E2CFFDC77EB4A703F1342687D2 ] C:\Windows\System32\rascfg.dll
15:58:38.0059 0x0ca8  C:\Windows\System32\rascfg.dll - ok
15:58:38.0059 0x0ca8  [ 0317420D419E1885894B3ED9D375D245, 17F4C64CA4FE560F09DA4C1D13D62B525B5C7B6FDD44B846C6953D595D83CF3D ] C:\Windows\System32\crypt32.dll
15:58:38.0059 0x0ca8  C:\Windows\System32\crypt32.dll - ok
15:58:38.0075 0x0ca8  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] C:\Windows\System32\BFE.DLL
15:58:38.0075 0x0ca8  C:\Windows\System32\BFE.DLL - ok
15:58:38.0075 0x0ca8  [ C6DF7A87063D006ECF1FD8156CB6DE3F, 921AB6B88444B364F05D8EDF0EDDFA0892353A862CD3580F7EDA311E4FDC26B6 ] C:\Windows\System32\SLC.dll
15:58:38.0075 0x0ca8  C:\Windows\System32\SLC.dll - ok
15:58:38.0091 0x0ca8  [ 4DE3C4D07BAFDE616EFA0ADE076CBAC2, 9088837534980C39A885BF9FE2B0945166A433F0263DE7F8E9D4F5E153A70DF3 ] C:\Windows\System32\wevtapi.dll
15:58:38.0091 0x0ca8  C:\Windows\System32\wevtapi.dll - ok
15:58:38.0091 0x0ca8  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] C:\Windows\System32\dhcpcsvc.dll
15:58:38.0091 0x0ca8  C:\Windows\System32\dhcpcsvc.dll - ok
15:58:38.0091 0x0ca8  [ 4FE8425F21B3F0F8C4B4726351D43EAA, F45C1429BD60EEAB7BE8C2114B9C819CED7583249CEE1AB234A8A05A484528A9 ] C:\Windows\System32\IPHLPAPI.DLL
15:58:38.0091 0x0ca8  C:\Windows\System32\IPHLPAPI.DLL - ok
15:58:38.0106 0x0ca8  [ DFB6B71CDABA9DFB49C9D2B318B97A1A, F380B9A28D56DEC902154A0251B58BD3576355EDE2CD13CF47D7F4DBE3D61C97 ] C:\Windows\System32\dhcpcsvc6.dll
15:58:38.0106 0x0ca8  C:\Windows\System32\dhcpcsvc6.dll - ok
15:58:38.0106 0x0ca8  [ 6B09105742C75DF80CEF21700F20F55A, D781C5F22BEBB5C51B7792EBB4421C170F2CC5FE28E9245E9D6B9D22E33423AB ] C:\Windows\System32\winnsi.dll
15:58:38.0106 0x0ca8  C:\Windows\System32\winnsi.dll - ok
15:58:38.0106 0x0ca8  [ DE0DD9AE3430F84A96B5501112A696BE, 28ED17BCAE5DB58885547213B5241F8E6599ADE3BB7834A54AC2F10D3285C45F ] C:\Windows\System32\bcrypt.dll
15:58:38.0106 0x0ca8  C:\Windows\System32\bcrypt.dll - ok
15:58:38.0122 0x0ca8  [ 7F15B4953378C8B5161D65C26D5FED4D, 70C80736225273D083F071E625CC47E5C889E8D7426D8D3461F87D41286F06D0 ] C:\Windows\System32\cngaudit.dll
15:58:38.0122 0x0ca8  C:\Windows\System32\cngaudit.dll - ok
15:58:38.0122 0x0ca8  [ 13CC59C1B04E9F20A87987C68CD4BE3F, E65363E112CF58007CA650782997413EAFFFDAC25B66976BC7B3A2CBD5ED3933 ] C:\Windows\System32\ncrypt.dll
15:58:38.0122 0x0ca8  C:\Windows\System32\ncrypt.dll - ok
15:58:38.0137 0x0ca8  [ 26F139DDEC6407508071930D3D07337E, 90EF02DCA67C68AFBEB8E2BE2E1BD6E400F2A386C3CE8AF5573E9F89B7636688 ] C:\Windows\System32\credssp.dll
15:58:38.0137 0x0ca8  C:\Windows\System32\credssp.dll - ok
15:58:38.0137 0x0ca8  [ ABE9EEA1EABEA0711610A637A7B1C25D, 973F8BE8E411E1037DFC3FE3F979412450D268E4D34C0F38F3F015D2E00CD8AC ] C:\Windows\System32\msprivs.dll
15:58:38.0137 0x0ca8  C:\Windows\System32\msprivs.dll - ok
15:58:38.0137 0x0ca8  [ 1DE1C07B256961012DCE0674EA488DE7, 100F4013370BD6F04A52AC72FC81A9301423C850763B95C82A8C4103D0763214 ] C:\Windows\System32\kerberos.dll
15:58:38.0137 0x0ca8  C:\Windows\System32\kerberos.dll - ok
15:58:38.0153 0x0ca8  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] C:\Windows\System32\qmgr.dll
15:58:38.0153 0x0ca8  C:\Windows\System32\qmgr.dll - ok
15:58:38.0153 0x0ca8  [ 898E7C06A350D4A1A64A9EA264D55452, 0530B49018B59D4DCD3ECBC19E95B81438208AF34BC876BD07129A79896B4D7E ] C:\Windows\System32\winlogon.exe
15:58:38.0153 0x0ca8  C:\Windows\System32\winlogon.exe - ok
15:58:38.0169 0x0ca8  [ 9E80FF0752E365F97FD2D1D68C2AFDA1, 07924F0966A05A992130D29BBF634214D0DFE4081851ED18B1E334437DD008D0 ] C:\Windows\System32\wship6.dll
15:58:38.0169 0x0ca8  C:\Windows\System32\wship6.dll - ok
15:58:38.0169 0x0ca8  [ 4AAFC7461633848AA87A363B2CBEC522, F2A452B5B71293011EED8CD5ABFA8D0B0761A92D4579CF9D98B1D2DC06D16791 ] C:\Windows\System32\winsta.dll
15:58:38.0169 0x0ca8  C:\Windows\System32\winsta.dll - ok
15:58:38.0169 0x0ca8  [ 05C3B38DB95BA5585817A4F898EE5581, 227357221F00BA91D7907966FF251F6834D69ABD630174A56F9A6C98723C1625 ] C:\Windows\System32\wshqos.dll
15:58:38.0169 0x0ca8  C:\Windows\System32\wshqos.dll - ok
15:58:38.0184 0x0ca8  [ 22CFAEB9172F5F198048401485CD0571, 94E0B8590268BD21B035297F5B0C01A4E8958A1DB39A5AA654EA1805BD30CEC2 ] C:\Windows\System32\WSHTCPIP.DLL
15:58:38.0184 0x0ca8  C:\Windows\System32\WSHTCPIP.DLL - ok
15:58:38.0184 0x0ca8  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] C:\Windows\System32\browser.dll
15:58:38.0184 0x0ca8  C:\Windows\System32\browser.dll - ok
15:58:38.0184 0x0ca8  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] C:\Windows\System32\certprop.dll
15:58:38.0184 0x0ca8  C:\Windows\System32\certprop.dll - ok
15:58:38.0200 0x0ca8  [ 4211249955AF9133E2E357CC92B54DFD, 5868F1B809783723C45D3A60DC6B2A21C216E9329D131B282A5851E38603DF55 ] C:\Windows\System32\comres.dll
15:58:38.0200 0x0ca8  C:\Windows\System32\comres.dll - ok
15:58:38.0200 0x0ca8  [ FC62A635063B762E1C3C60EA77279378, 9C7ADE37C9F2F9CC5A79D75260736C3791C7A73FB84BE6B7E575CA31A4B99667 ] C:\Windows\System32\NapiNSP.dll
15:58:38.0200 0x0ca8  C:\Windows\System32\NapiNSP.dll - ok
15:58:38.0215 0x0ca8  [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] C:\Windows\System32\nlasvc.dll
15:58:38.0215 0x0ca8  C:\Windows\System32\nlasvc.dll - ok
15:58:38.0215 0x0ca8  [ 690D41DF1D555F96D4898A0F54EBA065, 3A8C9304D49657765DF0FCCEAE2A529982025D8677CCA5930824921F77B8F404 ] C:\Windows\System32\pnrpnsp.dll
15:58:38.0215 0x0ca8  C:\Windows\System32\pnrpnsp.dll - ok
15:58:38.0215 0x0ca8  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] C:\Windows\System32\cryptsvc.dll
15:58:38.0215 0x0ca8  C:\Windows\System32\cryptsvc.dll - ok
15:58:38.0231 0x0ca8  [ 08D6D1692B62C9EE4062E1FA04D8FE2F, 0DDB6D64524CDED04DE6521FC834BC4507ECF4C51C9F9BC407B510222E4F0343 ] C:\Windows\System32\oleres.dll
15:58:38.0231 0x0ca8  C:\Windows\System32\oleres.dll - ok
15:58:38.0231 0x0ca8  [ 74F380C8EC8813626C670D46E8A714D1, 25E20A08048DB18CB1B1071B6FF916561A809561F587E26306FB75A8AA173FE3 ] C:\Windows\System32\dfsrres.dll
15:58:38.0231 0x0ca8  C:\Windows\System32\dfsrres.dll - ok
15:58:38.0231 0x0ca8  [ 4ABCE74D012971305249E45E095E9EA6, 6D53BB81F781694577ED8F6DBF41D0900C552DEC2F433206E5B087E80B239DE3 ] C:\Windows\System32\msv1_0.dll
15:58:38.0231 0x0ca8  C:\Windows\System32\msv1_0.dll - ok
15:58:38.0247 0x0ca8  [ 8617350C9B590B63E620881092751BCB, 4D16A2197F9ED9062CFD93061294FB8E1068071D03E72B6CF3C7256F1B454A9B ] C:\Windows\System32\mswsock.dll
15:58:38.0247 0x0ca8  C:\Windows\System32\mswsock.dll - ok
15:58:38.0247 0x0ca8  [ 95DAECF0FB120A7B5DA679CC54E37DDE, 492129AB9AF4F11CDE46148F6CC3AB6841D0F715DEF5E387B33CD8C79F5298BC ] C:\Windows\System32\netlogon.dll
15:58:38.0247 0x0ca8  C:\Windows\System32\netlogon.dll - ok
15:58:38.0262 0x0ca8  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] C:\Windows\System32\dot3svc.dll
15:58:38.0262 0x0ca8  C:\Windows\System32\dot3svc.dll - ok
15:58:38.0262 0x0ca8  [ 72910BC4A218C49EA8E43D1FAEC403A5, AAC5026C440BA588D532703A582386EC33B2BCAE2D7A6EF7798498FDDF6F617A ] C:\Windows\System32\winbrand.dll
15:58:38.0262 0x0ca8  C:\Windows\System32\winbrand.dll - ok
15:58:38.0262 0x0ca8  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] C:\Windows\System32\dps.dll
15:58:38.0262 0x0ca8  C:\Windows\System32\dps.dll - ok
15:58:38.0278 0x0ca8  [ 2D357C80ABB17CFACB7B552BC9CC8548, 93986F0A06B36C9BBF9E9E441DE51111960640E17E27651C530CBB4190E8A63E ] C:\Windows\System32\schannel.dll
15:58:38.0278 0x0ca8  C:\Windows\System32\schannel.dll - ok
15:58:38.0278 0x0ca8  [ 93620229F3CC3B67A3528BF39F064C30, BB5CD222902D528030DD6CB458691DD37BAFCCC0E35119F3C127DB5C55244780 ] C:\Windows\System32\wdigest.dll
15:58:38.0278 0x0ca8  C:\Windows\System32\wdigest.dll - ok
15:58:38.0278 0x0ca8  [ AB272D0B2EF1C79E43E7744D098352B2, CEEDF3EDF03231377875CC680E18F573CCC4A23F1D09E72E63E8247648290BB3 ] C:\Windows\System32\atmfd.dll
15:58:38.0278 0x0ca8  C:\Windows\System32\atmfd.dll - ok
15:58:38.0293 0x0ca8  [ E14170AEA125119B98FA2BDE3FF4F462, 939758ADA9D1A7E3B6BA1DB6D9E41D3FA27A7013C156F0B63010A0FB62DD64F8 ] C:\Windows\System32\rsaenh.dll
15:58:38.0293 0x0ca8  C:\Windows\System32\rsaenh.dll - ok
15:58:38.0293 0x0ca8  [ F8873D15018F411588BEC02C1725BADA, 7E90B1D820733C80B438287D89FC3D4219B2C97BD878EB5BA2DBFF64BBF3938A ] C:\Windows\System32\TSpkg.dll
15:58:38.0293 0x0ca8  C:\Windows\System32\TSpkg.dll - ok
15:58:38.0293 0x0ca8  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] C:\Windows\ehome\ehrecvr.exe
15:58:38.0293 0x0ca8  C:\Windows\ehome\ehrecvr.exe - ok
15:58:38.0309 0x0ca8  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] C:\Windows\System32\eapsvc.dll
15:58:38.0309 0x0ca8  C:\Windows\System32\eapsvc.dll - ok
15:58:38.0309 0x0ca8  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] C:\Windows\ehome\ehsched.exe
15:58:38.0309 0x0ca8  C:\Windows\ehome\ehsched.exe - ok
15:58:38.0309 0x0ca8  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] C:\Windows\ehome\ehstart.dll
15:58:38.0309 0x0ca8  C:\Windows\ehome\ehstart.dll - ok
15:58:38.0325 0x0ca8  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] C:\Windows\System32\emdmgmt.dll
15:58:38.0325 0x0ca8  C:\Windows\System32\emdmgmt.dll - ok
15:58:38.0325 0x0ca8  [ 0F420E81062757EA8363CBACD4D40D6D, 9FC3A7C512B065F18B520FE93B821717BB8B4C36BD976E8D014F71116073CF50 ] C:\Windows\System32\gpapi.dll
15:58:38.0325 0x0ca8  C:\Windows\System32\gpapi.dll - ok
15:58:38.0340 0x0ca8  [ A1B40A28F38D27A7E3229EE4C7064434, 76CD78FAFC99C472CDFCE848B1E31037811D4D645849C9FDA1B22161A1191A2D ] C:\Windows\System32\wevtsvc.dll
15:58:38.0340 0x0ca8  C:\Windows\System32\wevtsvc.dll - ok
15:58:38.0340 0x0ca8  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] C:\Windows\System32\fdPHost.dll
15:58:38.0340 0x0ca8  C:\Windows\System32\fdPHost.dll - ok
15:58:38.0340 0x0ca8  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] C:\Windows\System32\FDResPub.dll
15:58:38.0340 0x0ca8  C:\Windows\System32\FDResPub.dll - ok
15:58:38.0356 0x0ca8  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] C:\Windows\System32\FntCache.dll
15:58:38.0356 0x0ca8  C:\Windows\System32\FntCache.dll - ok
15:58:38.0356 0x0ca8  [ 302964DCAC79D618CC7B72C778DA9FD2, 7F2980AA49592B308E5D4C1A311AE837F65E9FB35761734A936626E81F0A7F10 ] C:\Windows\System32\PresentationHost.exe
15:58:38.0356 0x0ca8  C:\Windows\System32\PresentationHost.exe - ok
15:58:38.0356 0x0ca8  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] C:\Windows\System32\hidserv.dll
15:58:38.0356 0x0ca8  C:\Windows\System32\hidserv.dll - ok
15:58:38.0371 0x0ca8  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] C:\Windows\System32\KMSVC.DLL
15:58:38.0371 0x0ca8  C:\Windows\System32\KMSVC.DLL - ok
15:58:38.0371 0x0ca8  [ 0CB9D236129BFFEF9B68999761F3A697, 80F4991D01BA686C024958F5D75ACCB9B476AC410E3028D5135920619094BEEB ] C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
15:58:38.0371 0x0ca8  C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
15:58:38.0387 0x0ca8  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] C:\Windows\System32\IKEEXT.DLL
15:58:38.0387 0x0ca8  C:\Windows\System32\IKEEXT.DLL - ok
15:58:38.0387 0x0ca8  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] C:\Windows\System32\IPBusEnum.dll
15:58:38.0387 0x0ca8  C:\Windows\System32\IPBusEnum.dll - ok
15:58:38.0387 0x0ca8  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] C:\Windows\System32\iphlpsvc.dll
15:58:38.0387 0x0ca8  C:\Windows\System32\iphlpsvc.dll - ok
15:58:38.0403 0x0ca8  [ CBB0D940221A281BCFEAEA695BD1CDA5, D05D192019524A02FE3FAE6827B98A942FA1AD651BF7AA53530A8A6F4ADFB7EB ] C:\Windows\System32\irmon.dll
15:58:38.0403 0x0ca8  C:\Windows\System32\irmon.dll - ok
15:58:38.0403 0x0ca8  [ 74C2F29CC612B2B34231BEBD824D2FB2, 0C0888AB3B2D8C8F17CA57A503C61F867C8F12A6E6F645DEFE7A2C299AA59AD8 ] C:\Windows\System32\keyiso.dll
15:58:38.0403 0x0ca8  C:\Windows\System32\keyiso.dll - ok
15:58:38.0418 0x0ca8  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] C:\Windows\System32\srvsvc.dll
15:58:38.0418 0x0ca8  C:\Windows\System32\srvsvc.dll - ok
15:58:38.0418 0x0ca8  [ 132F6237FA3BF3E9715F63A1CCF72BF1, E877AACC2DE4E93A00C76D537D471AA268DC3B983D48407C6707FC682982DBF5 ] C:\Windows\ehome\ehres.dll
15:58:38.0418 0x0ca8  C:\Windows\ehome\ehres.dll - ok
15:58:38.0418 0x0ca8  [ FA0593D936C9B95FB6FAA32AD1595D49, E7DEC36E708D62D6E95649F3F82DD1CB3E4A77934ABC86FD44FE1F37826901B0 ] C:\Windows\System32\lltdres.dll
15:58:38.0418 0x0ca8  C:\Windows\System32\lltdres.dll - ok
15:58:38.0434 0x0ca8  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] C:\Windows\System32\lmhsvc.dll
15:58:38.0434 0x0ca8  C:\Windows\System32\lmhsvc.dll - ok
15:58:38.0434 0x0ca8  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] C:\Windows\System32\wkssvc.dll
15:58:38.0434 0x0ca8  C:\Windows\System32\wkssvc.dll - ok
15:58:38.0434 0x0ca8  [ 95F1EB99B81CFD6F581C85F0A0AA9B2B, 65EE7016E6235880C4443119BF32CF12D4A9A9CA3810B974B575AD31D380A7FB ] C:\Windows\System32\FirewallAPI.dll
15:58:38.0434 0x0ca8  C:\Windows\System32\FirewallAPI.dll - ok
15:58:38.0449 0x0ca8  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] C:\Windows\System32\mmcss.dll
15:58:38.0449 0x0ca8  C:\Windows\System32\mmcss.dll - ok
15:58:38.0449 0x0ca8  [ EA822412BBBA9B7D2B1A3748AD50EFB8, 10BA6E240FEC5BB1A0A7C0D75E0495D99FD48D68CA69C0985DD921658835225C ] C:\Windows\System32\iscsidsc.dll
15:58:38.0449 0x0ca8  C:\Windows\System32\iscsidsc.dll - ok
15:58:38.0465 0x0ca8  [ ED21401F1E2F6BC2F54C462BB66D0D6B, 7E3874AFB57CA6B7CDA3833DB0E43E9D2BEE7C5C70AC1182260740CCA40291CA ] C:\Windows\System32\msimsg.dll
15:58:38.0465 0x0ca8  C:\Windows\System32\msimsg.dll - ok
15:58:38.0465 0x0ca8  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] C:\Windows\System32\QAGENTRT.DLL
15:58:38.0465 0x0ca8  C:\Windows\System32\QAGENTRT.DLL - ok
15:58:38.0465 0x0ca8  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] C:\Windows\System32\netman.dll
15:58:38.0465 0x0ca8  C:\Windows\System32\netman.dll - ok
15:58:38.0481 0x0ca8  [ 43DF1E019494642C3F7AED0FCB231D27, E79E4A431ABDF9F5E024558782981FFB3FE7D3648833ADD6F82CD62467800CAB ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll
15:58:38.0481 0x0ca8  C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll - ok
15:58:38.0481 0x0ca8  [ ED640F4CE585058119B824CC76591D9C, B8FA63CEE5105DD034084F34D0FDB223EAC1228888EDBD9EB48BF1B64F720C0E ] C:\Windows\System32\netprof.dll
15:58:38.0481 0x0ca8  C:\Windows\System32\netprof.dll - ok
15:58:38.0496 0x0ca8  [ B826774F7E79929C7C1A7106C874E5E8, 425AF3D54A846FD87E6FC69BA11ADF96FC7E367AD1F0B22376702BC0DC55A4BC ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
15:58:38.0496 0x0ca8  C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
15:58:38.0496 0x0ca8  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] C:\Windows\System32\nsisvc.dll
15:58:38.0496 0x0ca8  C:\Windows\System32\nsisvc.dll - ok
15:58:38.0496 0x0ca8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] C:\Windows\System32\p2psvc.dll
15:58:38.0496 0x0ca8  C:\Windows\System32\p2psvc.dll - ok
15:58:38.0512 0x0ca8  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] C:\Windows\System32\pcasvc.dll
15:58:38.0512 0x0ca8  C:\Windows\System32\pcasvc.dll - ok
15:58:38.0512 0x0ca8  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] C:\Windows\System32\pla.dll
15:58:38.0512 0x0ca8  C:\Windows\System32\pla.dll - ok
15:58:38.0512 0x0ca8  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] C:\Windows\System32\umpnpmgr.dll
15:58:38.0512 0x0ca8  C:\Windows\System32\umpnpmgr.dll - ok
15:58:38.0527 0x0ca8  [ 64B28D672B5B6A01E87B0C3096B1E047, D4E5875A25E0EBEFD4AE38A3BA508CF99DD7278E7D4E1C95C7E1B8E42F381A10 ] C:\Windows\System32\polstore.dll
15:58:38.0527 0x0ca8  C:\Windows\System32\polstore.dll - ok
15:58:38.0527 0x0ca8  [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] C:\Windows\System32\profsvc.dll
15:58:38.0527 0x0ca8  C:\Windows\System32\profsvc.dll - ok
15:58:38.0527 0x0ca8  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] C:\Windows\System32\drivers\qwavedrv.sys
15:58:38.0543 0x0ca8  C:\Windows\System32\drivers\qwavedrv.sys - ok
15:58:38.0543 0x0ca8  [ 08F9134A2215B7ED985409A4DF60AC60, BAFFCA0BA71A11FE63AB8411D8951E9AE087E31E04E9D226CCB21E82B79F2DCE ] C:\Windows\System32\psbase.dll
15:58:38.0543 0x0ca8  C:\Windows\System32\psbase.dll - ok
15:58:38.0543 0x0ca8  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] C:\Windows\System32\qwave.dll
15:58:38.0543 0x0ca8  C:\Windows\System32\qwave.dll - ok
15:58:38.0559 0x0ca8  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] C:\Windows\System32\rasauto.dll
15:58:38.0559 0x0ca8  C:\Windows\System32\rasauto.dll - ok
15:58:38.0559 0x0ca8  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] C:\Windows\System32\rasmans.dll
15:58:38.0559 0x0ca8  C:\Windows\System32\rasmans.dll - ok
15:58:38.0559 0x0ca8  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] C:\Windows\System32\sstpsvc.dll
15:58:38.0559 0x0ca8  C:\Windows\System32\sstpsvc.dll - ok
15:58:38.0574 0x0ca8  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] C:\Windows\System32\Locator.exe
15:58:38.0574 0x0ca8  C:\Windows\System32\Locator.exe - ok
15:58:38.0574 0x0ca8  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] C:\Windows\System32\mprdim.dll
15:58:38.0574 0x0ca8  C:\Windows\System32\mprdim.dll - ok
15:58:38.0574 0x0ca8  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] C:\Windows\System32\regsvc.dll
15:58:38.0574 0x0ca8  C:\Windows\System32\regsvc.dll - ok
15:58:38.0590 0x0ca8  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] C:\Windows\System32\SCardSvr.dll
15:58:38.0590 0x0ca8  C:\Windows\System32\SCardSvr.dll - ok
15:58:38.0590 0x0ca8  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] C:\Windows\System32\schedsvc.dll
15:58:38.0590 0x0ca8  C:\Windows\System32\schedsvc.dll - ok
15:58:38.0590 0x0ca8  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] C:\Windows\System32\ipnathlp.dll
15:58:38.0590 0x0ca8  C:\Windows\System32\ipnathlp.dll - ok
15:58:38.0605 0x0ca8  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] C:\Windows\System32\sdrsvc.dll
15:58:38.0605 0x0ca8  C:\Windows\System32\sdrsvc.dll - ok
15:58:38.0605 0x0ca8  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] C:\Windows\System32\seclogon.dll
15:58:38.0605 0x0ca8  C:\Windows\System32\seclogon.dll - ok
15:58:38.0621 0x0ca8  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] C:\Windows\System32\Sens.dll
15:58:38.0621 0x0ca8  C:\Windows\System32\Sens.dll - ok
15:58:38.0621 0x0ca8  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] C:\Windows\System32\SessEnv.dll
15:58:38.0621 0x0ca8  C:\Windows\System32\SessEnv.dll - ok
15:58:38.0621 0x0ca8  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] C:\Windows\System32\shsvcs.dll
15:58:38.0621 0x0ca8  C:\Windows\System32\shsvcs.dll - ok
15:58:38.0637 0x0ca8  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] C:\Windows\System32\SLsvc.exe
15:58:38.0637 0x0ca8  C:\Windows\System32\SLsvc.exe - ok
15:58:38.0637 0x0ca8  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] C:\Windows\System32\SLUINotify.dll
15:58:38.0637 0x0ca8  C:\Windows\System32\SLUINotify.dll - ok
15:58:38.0637 0x0ca8  [ E4060CFE50F87C72316CB0FDB20E4913, FC7D21327E5FAA424798097FBE5A2F7821BE8A1E54F80E81A620A52DC8E933AA ] C:\Windows\System32\tcpipcfg.dll
15:58:38.0637 0x0ca8  C:\Windows\System32\tcpipcfg.dll - ok
15:58:38.0652 0x0ca8  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] C:\Windows\System32\snmptrap.exe
15:58:38.0652 0x0ca8  C:\Windows\System32\snmptrap.exe - ok
15:58:38.0652 0x0ca8  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] C:\Windows\System32\spoolsv.exe
15:58:38.0652 0x0ca8  C:\Windows\System32\spoolsv.exe - ok
15:58:38.0668 0x0ca8  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] C:\Windows\System32\ssdpsrv.dll
15:58:38.0668 0x0ca8  C:\Windows\System32\ssdpsrv.dll - ok
15:58:38.0668 0x0ca8  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] C:\Windows\System32\wiaservc.dll
15:58:38.0668 0x0ca8  C:\Windows\System32\wiaservc.dll - ok
15:58:38.0668 0x0ca8  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] C:\Windows\System32\swprv.dll
15:58:38.0668 0x0ca8  C:\Windows\System32\swprv.dll - ok
15:58:38.0683 0x0ca8  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] C:\Windows\System32\sysmain.dll
15:58:38.0683 0x0ca8  C:\Windows\System32\sysmain.dll - ok
15:58:38.0683 0x0ca8  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] C:\Windows\System32\TabSvc.dll
15:58:38.0683 0x0ca8  C:\Windows\System32\TabSvc.dll - ok
15:58:38.0683 0x0ca8  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] C:\Windows\System32\tapisrv.dll
15:58:38.0683 0x0ca8  C:\Windows\System32\tapisrv.dll - ok
15:58:38.0699 0x0ca8  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] C:\Windows\System32\tbssvc.dll
15:58:38.0699 0x0ca8  C:\Windows\System32\tbssvc.dll - ok
15:58:38.0699 0x0ca8  [ DBD84E59D631569EC3E756EF144E8431, 9E58629EC762584A2D294A619593620626F7CBE467045AD0F920B6CF1D4B4724 ] C:\Windows\System32\termsrv.dll
15:58:38.0699 0x0ca8  C:\Windows\System32\termsrv.dll - ok
15:58:38.0715 0x0ca8  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] C:\Windows\servicing\TrustedInstaller.exe
15:58:38.0715 0x0ca8  C:\Windows\servicing\TrustedInstaller.exe - ok
15:58:38.0715 0x0ca8  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] C:\Windows\System32\trkwks.dll
15:58:38.0715 0x0ca8  C:\Windows\System32\trkwks.dll - ok
15:58:38.0715 0x0ca8  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] C:\Windows\System32\UI0Detect.exe
15:58:38.0715 0x0ca8  C:\Windows\System32\UI0Detect.exe - ok
15:58:38.0730 0x0ca8  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] C:\Windows\System32\upnphost.dll
15:58:38.0730 0x0ca8  C:\Windows\System32\upnphost.dll - ok
15:58:38.0730 0x0ca8  [ 01DD1004181FD46ECDC3628228EB269D, 8AED6773AE1C8B65B4CAD6229BD05E224D348CF2A9D9F7D50F2513A9B1E14F66 ] C:\Windows\System32\dwm.exe
15:58:38.0730 0x0ca8  C:\Windows\System32\dwm.exe - ok
15:58:38.0730 0x0ca8  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] C:\Windows\System32\vds.exe
15:58:38.0730 0x0ca8  C:\Windows\System32\vds.exe - ok
15:58:38.0746 0x0ca8  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] C:\Windows\System32\VSSVC.exe
15:58:38.0746 0x0ca8  C:\Windows\System32\VSSVC.exe - ok
15:58:38.0746 0x0ca8  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] C:\Windows\System32\w32time.dll
15:58:38.0746 0x0ca8  C:\Windows\System32\w32time.dll - ok
15:58:38.0761 0x0ca8  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] C:\Windows\System32\wcncsvc.dll
15:58:38.0761 0x0ca8  C:\Windows\System32\wcncsvc.dll - ok
15:58:38.0761 0x0ca8  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] C:\Windows\System32\drivers\Wdf01000.sys
15:58:38.0761 0x0ca8  C:\Windows\System32\drivers\Wdf01000.sys - ok
15:58:38.0761 0x0ca8  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] C:\Windows\System32\WcsPlugInService.dll
15:58:38.0761 0x0ca8  C:\Windows\System32\WcsPlugInService.dll - ok
15:58:38.0777 0x0ca8  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] C:\Windows\System32\wdi.dll
15:58:38.0777 0x0ca8  C:\Windows\System32\wdi.dll - ok
15:58:38.0777 0x0ca8  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] C:\Windows\System32\WebClnt.dll
15:58:38.0777 0x0ca8  C:\Windows\System32\WebClnt.dll - ok
15:58:38.0777 0x0ca8  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] C:\Windows\System32\wecsvc.dll
15:58:38.0777 0x0ca8  C:\Windows\System32\wecsvc.dll - ok
15:58:38.0793 0x0ca8  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] C:\Windows\System32\wercplsupport.dll
15:58:38.0793 0x0ca8  C:\Windows\System32\wercplsupport.dll - ok
15:58:38.0793 0x0ca8  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] C:\Windows\System32\wersvc.dll
15:58:38.0793 0x0ca8  C:\Windows\System32\wersvc.dll - ok
15:58:38.0808 0x0ca8  [ DBD02E3E6F061EBBBF9B99A9D7CBA30B, 2C65C129BD1D4279B78E7EDF83F6FB398B705A56A99942F4CA61C9E52D21D25A ] C:\Windows\System32\winhttp.dll
15:58:38.0808 0x0ca8  C:\Windows\System32\winhttp.dll - ok
15:58:38.0808 0x0ca8  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] C:\Windows\System32\wbem\WMIsvc.dll
15:58:38.0808 0x0ca8  C:\Windows\System32\wbem\WMIsvc.dll - ok
15:58:38.0808 0x0ca8  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] C:\Windows\System32\WsmSvc.dll
15:58:38.0808 0x0ca8  C:\Windows\System32\WsmSvc.dll - ok
15:58:38.0824 0x0ca8  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] C:\Windows\System32\wbem\WmiApSrv.exe
15:58:38.0824 0x0ca8  C:\Windows\System32\wbem\WmiApSrv.exe - ok
15:58:38.0824 0x0ca8  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] C:\Windows\System32\wlansvc.dll
15:58:38.0824 0x0ca8  C:\Windows\System32\wlansvc.dll - ok
15:58:38.0824 0x0ca8  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] C:\Program Files\Windows Media Player\wmpnetwk.exe
15:58:38.0824 0x0ca8  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
15:58:38.0839 0x0ca8  [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:58:38.0839 0x0ca8  C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok
15:58:38.0839 0x0ca8  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] C:\Windows\System32\wpcsvc.dll
15:58:38.0839 0x0ca8  C:\Windows\System32\wpcsvc.dll - ok
15:58:38.0839 0x0ca8  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] C:\Windows\System32\wpdbusenum.dll
15:58:38.0839 0x0ca8  C:\Windows\System32\wpdbusenum.dll - ok
15:58:38.0855 0x0ca8  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] C:\Windows\System32\wscsvc.dll
15:58:38.0855 0x0ca8  C:\Windows\System32\wscsvc.dll - ok
15:58:38.0855 0x0ca8  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] C:\Windows\System32\wuaueng.dll
15:58:38.0855 0x0ca8  C:\Windows\System32\wuaueng.dll - ok
15:58:38.0855 0x0ca8  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] C:\Windows\System32\drivers\WUDFPf.sys
15:58:38.0855 0x0ca8  C:\Windows\System32\drivers\WUDFPf.sys - ok
15:58:38.0871 0x0ca8  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] C:\Windows\System32\WUDFSvc.dll
15:58:38.0871 0x0ca8  C:\Windows\System32\WUDFSvc.dll - ok
15:58:38.0871 0x0ca8  [ 8FC182167381E9915651267044105EE1, A0F0039496CA0755C07E7F249D4101D66FA64AFA5C8CE036428060AB106A1250 ] C:\Windows\System32\scecli.dll
15:58:38.0871 0x0ca8  C:\Windows\System32\scecli.dll - ok
15:58:38.0886 0x0ca8  [ CD08EEC61C591AF59A39F4363C567D30, 6A8413BE885A07235F59846FAD986B7A65CF009EAD78DD378114B6362DDDB371 ] C:\Windows\System32\ntmarta.dll
15:58:38.0886 0x0ca8  C:\Windows\System32\ntmarta.dll - ok
15:58:38.0886 0x0ca8  [ 3794B461C45882E06856F282EEF025AF, D4F79D7BC639FE86AC68961E6273836B9D7AF491773FD054395B33D317017BEB ] C:\Windows\System32\svchost.exe
15:58:38.0886 0x0ca8  C:\Windows\System32\svchost.exe - ok
15:58:38.0886 0x0ca8  [ 9A7F4B2EDACD11444D048AA19CBB26AF, 2CC3632D39484C959855B8A27DDED12A44765D7723CCF150E9F8B70015F1AA2E ] C:\Windows\System32\powrprof.dll
15:58:38.0886 0x0ca8  C:\Windows\System32\powrprof.dll - ok
15:58:38.0902 0x0ca8  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] C:\Windows\System32\drivers\luafv.sys
15:58:38.0902 0x0ca8  C:\Windows\System32\drivers\luafv.sys - ok
15:58:38.0902 0x0ca8  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] C:\Windows\System32\rpcss.dll
15:58:38.0902 0x0ca8  C:\Windows\System32\rpcss.dll - ok
15:58:38.0902 0x0ca8  [ 69827805A221C21450BA22F4326A2EE3, 2580CEB58BE4AEF7DEB134F3AD251188CAED05BC992B4FA977CCD11BD583BE5E ] C:\Windows\System32\version.dll
15:58:38.0902 0x0ca8  C:\Windows\System32\version.dll - ok
15:58:38.0917 0x0ca8  [ F26F7A5B18C717E57E3B6B306ABEC00B, 4C49C67A48F6B77E38A7FD28C960C92DFF371ACF0722C6EE4DF5F4B382937870 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:58:38.0917 0x0ca8  C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
15:58:38.0917 0x0ca8  [ B7DC2E397A8C532B44E258F97D0A4577, 9170E2037EB23CA23E699B2269631DC8A48E49B40E141410014E080CE75EF0CF ] C:\Program Files\Microsoft Security Client\MpSvc.dll
15:58:38.0917 0x0ca8  C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
15:58:38.0933 0x0ca8  [ 29E736C572BE69C1D42C7C96EA70855A, 255724F0FE7A0D717EB91472D0B2C1DACEBDF0D10BAB6ECCDB6E59FAC1531CE8 ] C:\Program Files\Microsoft Security Client\MpClient.dll
15:58:38.0933 0x0ca8  C:\Program Files\Microsoft Security Client\MpClient.dll - ok
15:58:38.0933 0x0ca8  [ F42483814FC39170B3982A184EC5AAA2, DD8A1E7C6714DF07742EFDF6CA5AB93CDC547F56EB8C1066C56A68E83A818DD2 ] C:\Windows\System32\wtsapi32.dll
15:58:38.0933 0x0ca8  C:\Windows\System32\wtsapi32.dll - ok
15:58:38.0933 0x0ca8  [ D16A740186870C32941C0E61DF4F1298, 070E994DC851F9E397CCABCB2227D3E4E096463E89BF34E3C09896BF9A08C91E ] C:\Windows\System32\wintrust.dll
15:58:38.0933 0x0ca8  C:\Windows\System32\wintrust.dll - ok
15:58:38.0949 0x0ca8  [ 62D577288B48998FC6667BF22DC5B690, 2AE9E184BA655EB56488A3DEFF1C7C37B1C99EEB821E961390FCE2EFCE6D7CBF ] C:\Windows\System32\LogonUI.exe
15:58:38.0949 0x0ca8  C:\Windows\System32\LogonUI.exe - ok
15:58:38.0949 0x0ca8  [ 0A9CEE363AF221CCCBDBFA3F953F40D5, A0677F891FF9FE7C779F27CDDBE702F4DC4B443B21BC1541B08AD7BCF11DC24A ] C:\Windows\System32\authuitu.dll
15:58:38.0949 0x0ca8  C:\Windows\System32\authuitu.dll - ok
15:58:38.0964 0x0ca8  [ 4934241CD20AC87D78121352E3BA8318, DACD7A7E0A41B011AD306972876568F27CDCF064EDFF71024BC0D4B595B666A7 ] C:\Windows\System32\dbghelp.dll
15:58:38.0964 0x0ca8  C:\Windows\System32\dbghelp.dll - ok
15:58:38.0964 0x0ca8  [ BE3C082837866C4C291ADAF163C10EA6, 9C65ABFE6E11B05C9309B86A87ADDD3557C043D4582E1A29530EBC36D470B13D ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
15:58:38.0964 0x0ca8  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll - ok
15:58:38.0964 0x0ca8  [ 1BD89641D9B1012796AFADAB9A659974, F892ACD91D13CC98F21146A6E4FACB15FA36253F5B9EA0540480488097DE08F1 ] C:\Windows\System32\authui.dll
15:58:38.0964 0x0ca8  C:\Windows\System32\authui.dll - ok
15:58:38.0980 0x0ca8  [ 2EC53B5A351C4D443896DBAD117F7E82, E158AD22F1905B41D7975E3725D7A870FB192D7258C4330DF06CD4AC02A7CFE4 ] C:\Windows\System32\msimg32.dll
15:58:38.0980 0x0ca8  C:\Windows\System32\msimg32.dll - ok
15:58:38.0980 0x0ca8  [ 999D69DEB576C2C424294DF025891CC6, ED634C9829E87F4D016446F2E2F44B542A263F166F69EF5759BBE964A457ECBE ] C:\Windows\System32\uxtheme.dll
15:58:38.0980 0x0ca8  C:\Windows\System32\uxtheme.dll - ok
15:58:38.0980 0x0ca8  [ 8FDC45CC3E3CB5D152ED95037A943129, 51DDB7F2D8CFC6BD7C79C439CFFBA1A5C586592B94279058A600880DD0B33BE4 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.19299_none_9e595caeca0ff663\GdiPlus.dll
15:58:38.0980 0x0ca8  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.19299_none_9e595caeca0ff663\GdiPlus.dll - ok
15:58:38.0995 0x0ca8  [ 75EB73E64F5B4655D9797D20F26DE320, 4AA94D039AC5BD7D39766C4E2A4F7DFCDD46782D3B2483677D722949A7B790FC ] C:\Windows\System32\duser.dll
15:58:38.0995 0x0ca8  C:\Windows\System32\duser.dll - ok
15:58:38.0995 0x0ca8  [ 1908CC7673F72601AFFDCA022689CEDF, 57E9F87421D7D7447F0BE5B6746D90DECFBCF82972E9A08E2F3943F6CDAE9F84 ] C:\Windows\System32\xmllite.dll
15:58:38.0995 0x0ca8  C:\Windows\System32\xmllite.dll - ok
15:58:39.0011 0x0ca8  [ B25DBBA6C63A61FF4AFDB5ADAB4E70CB, 272C4175900FD4DD36E863BF6658AA1DB863C01573E0C89E354754938AA32EDF ] C:\Windows\System32\SmartcardCredentialProvider.dll
15:58:39.0011 0x0ca8  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
15:58:39.0011 0x0ca8  [ 9DC3723519F52B6BC63EACD4BD411313, 7EA9EC9AD518AA9E575100E052CAC44EC2443501C4E133E9C7C70A05A171D239 ] C:\Windows\System32\rasplap.dll
15:58:39.0011 0x0ca8  C:\Windows\System32\rasplap.dll - ok
15:58:39.0011 0x0ca8  [ 3CB863B78642405371CB3A71C07E2382, 571D43BBB0D0D54A7D508E9D0E70CDF5F1F3B147B4F6B15EB3D893401BB6F40F ] C:\Windows\System32\rasapi32.dll
15:58:39.0011 0x0ca8  C:\Windows\System32\rasapi32.dll - ok
15:58:39.0027 0x0ca8  [ 3A1DDA77F331D107BA40DB06E4D666E9, 544A63148756AD0E993DD79F0656E73E23386BF0DA54394000044FD0972C838D ] C:\Windows\System32\rasman.dll
15:58:39.0027 0x0ca8  C:\Windows\System32\rasman.dll - ok
15:58:39.0027 0x0ca8  [ 70F08ECE7A30A639D3F0C8C433685C7D, E7B852E949D0DB9C3D63C4F49DECF9C93781142EAC6F6D66C9FC8E0027E904F4 ] C:\Windows\System32\tapi32.dll
15:58:39.0027 0x0ca8  C:\Windows\System32\tapi32.dll - ok
15:58:39.0042 0x0ca8  [ DC15AB7168C0309D8F04FD95B6240422, C94550429403C710A2BD26EA67AEF698522CF4826C0A4C4A7D2CBC3145AB40A6 ] C:\Windows\System32\oleacc.dll
15:58:39.0042 0x0ca8  C:\Windows\System32\oleacc.dll - ok
15:58:39.0042 0x0ca8  [ 3D418A22A56471295AEB1CEB9027C3DA, C1D5E63B7400E6436E348AE1D9E2B3701174856DDAACE39C00134DC89497AACF ] C:\Windows\System32\rtutils.dll
15:58:39.0042 0x0ca8  C:\Windows\System32\rtutils.dll - ok
15:58:39.0058 0x0ca8  [ 14FF750EFE13B0C21E5A06507C3A97B1, 6962EE642FB635442D3E75CE022BAFE78FA453DD6E8E3DAC8B484C699454AF0F ] C:\Windows\System32\winmm.dll
15:58:39.0058 0x0ca8  C:\Windows\System32\winmm.dll - ok
15:58:39.0058 0x0ca8  [ 627920CFF5DFCF8CF54CF2D592D61307, 5339B6E9EA04AD8FCFF976E0DEBB62C1591980E50906DC0D11640EB6CD6CF183 ] C:\Windows\System32\WinSCard.dll
15:58:39.0058 0x0ca8  C:\Windows\System32\WinSCard.dll - ok
15:58:39.0058 0x0ca8  [ 12A1DF1B84FB45A00D47B2CDE2CEEBBA, 66CE19049421B34597E201843577E8299462D9338B87461FDEC477D54C04DD36 ] C:\Windows\System32\shgina.dll
15:58:39.0058 0x0ca8  C:\Windows\System32\shgina.dll - ok
15:58:39.0073 0x0ca8  [ 70932D6C3D59B416CBD2BE5A3B3D4BE6, E2590A9E0343B5FE5CB68AFFB33D3DD5320002A5228B6316FC71468BABD19DC8 ] C:\Windows\System32\shacct.dll
15:58:39.0073 0x0ca8  C:\Windows\System32\shacct.dll - ok
15:58:39.0073 0x0ca8  [ 7DACD94118E2D8B6D72F47ADEB0367BF, 6467DE36C7DB6502AF17210148194F16BE76A9BA793105FAC763536CC14CE693 ] C:\Windows\System32\propsys.dll
15:58:39.0073 0x0ca8  C:\Windows\System32\propsys.dll - ok
15:58:39.0089 0x0ca8  [ 60F41FD025A56AC06EC8D11B7FC22A08, 8CE9AA375402E03AF0B55DBA29FDFF8CEC998AC8BF6108943B620982CFE6CDF2 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
15:58:39.0089 0x0ca8  C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
15:58:39.0089 0x0ca8  [ 740B9B4140CACCD0513D999EAB488E48, 14DBD7F2681EB4E48239A30E274A2F7D6ED75977BCCDDA20B9A7D7B13167C5ED ] C:\Windows\System32\Ati2evxx.exe
15:58:39.0089 0x0ca8  C:\Windows\System32\Ati2evxx.exe - ok
15:58:39.0089 0x0ca8  [ 1A09CB187440993FA5E24DE1EEB7B916, DE0ABF6A3D7AD303A10E2E114EAA0E8F064EF5298270FC9548028010DBE4FFAC ] C:\Windows\System32\cfgmgr32.dll
15:58:39.0089 0x0ca8  C:\Windows\System32\cfgmgr32.dll - ok
15:58:39.0105 0x0ca8  [ 6BCA155861A5F2A3169E189034A62190, EB0308D94D3E06FF15628107FB2CB8F5F2471536137AF44410C53F77B66A6A2E ] C:\Program Files\Microsoft Security Client\MpCommu.dll
15:58:39.0105 0x0ca8  C:\Program Files\Microsoft Security Client\MpCommu.dll - ok
15:58:39.0105 0x0ca8  [ 56B5914070B2C243DFB3D186070DA89D, 657EBC48F8AE297F76898C5417797C3542B086C40F84D32F7D76FA14893B2C08 ] C:\Windows\System32\MMDevAPI.dll
15:58:39.0105 0x0ca8  C:\Windows\System32\MMDevAPI.dll - ok
15:58:39.0105 0x0ca8  [ 4611CBF2D67D2259CD9F570E6272907B, 35FDB0D4C39A4C5EB32B43E24F22B913D085F3FE4D90CCB07C06D04C0B6A5121 ] C:\Program Files\Microsoft Security Client\MpRTP.dll
15:58:39.0105 0x0ca8  C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
15:58:39.0120 0x0ca8  [ A9542FF2E9A82CF100E5729EC79068F0, DE0E39246536BD63CC5DFF8CE9E379121126573AB284BAD3782E5B217239F858 ] C:\Windows\System32\fltLib.dll
15:58:39.0120 0x0ca8  C:\Windows\System32\fltLib.dll - ok

Alt 02.04.2015, 15:55   #8
petertroj
 
malware aal entfernen Antivir -Programme erkennen nichts - Standard

malware aal entfernen Antivir -Programme erkennen nichts


TDSSKiller log 2.4.15, 16.02 h

Rest Teil

Code:
ATTFilter
15:58:39.0120 0x0ca8  [ CF7540DEA122F8172F7BDFFB5B696B86, 7C90D475323D1ABE19EEA32636D345F25E5D14B34DEFD615F0642D04166307C7 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
15:58:39.0120 0x0ca8  C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
15:58:39.0120 0x0ca8  [ C9244BCAC83B259B920BBEE18A97BFE1, 9EA58407433F86BAAC3B4A6C334FB3BC59032FF4EB50EFA7CD639AA56D96E908 ] C:\Windows\System32\avrt.dll
15:58:39.0120 0x0ca8  C:\Windows\System32\avrt.dll - ok
15:58:39.0136 0x0ca8  [ 7D2484C4995A3DB47345EFED2A0B579E, 55B3CDE0BEF743874793679692A6C744B2771C85A0FEE1904F28A51EEE9C0CEB ] C:\Windows\System32\drivers\MpFilter.sys
15:58:39.0136 0x0ca8  C:\Windows\System32\drivers\MpFilter.sys - ok
15:58:39.0136 0x0ca8  [ D5CF1536137026ACDED95BF6CBF849F6, 1F98483A28319F06716F4EC4E1F48DE3B2DC07783D6406EED9B4DBADC9C17E65 ] C:\Windows\System32\WUDFPlatform.dll
15:58:39.0136 0x0ca8  C:\Windows\System32\WUDFPlatform.dll - ok
15:58:39.0151 0x0ca8  [ 1C58C5DB74BEE4287E4EE276C48FE9B6, 924861F8E8D7FE55F3E24DCB4B014B4BE274BEF07F7A8EA419F568DCAAEE1EDB ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
15:58:39.0151 0x0ca8  C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
15:58:39.0151 0x0ca8  [ 15F315B53C69930BF907D9A0FFCB6206, AD83797FFCD6B253D4901C7F09E9AE47FA710E8B7E2961D9F55C71C789930FD2 ] C:\Windows\System32\adtschema.dll
15:58:39.0151 0x0ca8  C:\Windows\System32\adtschema.dll - ok
15:58:39.0151 0x0ca8  [ AB40C27E7B5A5EF6B107DBF486464527, 93EE008AE000D90D76FCC5235114A744768B392E18FB795B266967DA0B29ABAA ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7F330AA3-2DC4-4A57-A5F0-F8C512E88A1D}\mpengine.dll
15:58:39.0151 0x0ca8  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7F330AA3-2DC4-4A57-A5F0-F8C512E88A1D}\mpengine.dll - ok
15:58:39.0167 0x0ca8  [ 60937252DF5A219C375FE1671590DE1A, C5BDBA9200C7E2AFFE2AB571FDC81F39443A17610ED05FC9D0304B9CAF744694 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7F330AA3-2DC4-4A57-A5F0-F8C512E88A1D}\mpasbase.vdm
15:58:39.0167 0x0ca8  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7F330AA3-2DC4-4A57-A5F0-F8C512E88A1D}\mpasbase.vdm - ok
15:58:39.0167 0x0ca8  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] C:\Windows\System32\drivers\fltMgr.sys
15:58:39.0167 0x0ca8  C:\Windows\System32\drivers\fltMgr.sys - ok
15:58:39.0183 0x0ca8  [ 57418956DDAE128D1023C508E7D07071, 94C77D511983CD139D909C3E157BA5DF579EB3D559C58CB69517B8895D591034 ] C:\Windows\System32\PSHED.DLL
15:58:39.0183 0x0ca8  C:\Windows\System32\PSHED.DLL - ok
15:58:39.0183 0x0ca8  [ 3437B9E218A2E4586BEF4F7A3BD00777, 01FBFA70A741B1717430FCA58F675C2154B83907BD35D75A444C191FB2C2B1A2 ] C:\Windows\System32\audiodg.exe
15:58:39.0183 0x0ca8  C:\Windows\System32\audiodg.exe - ok
15:58:39.0183 0x0ca8  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] C:\Windows\System32\gpsvc.dll
15:58:39.0183 0x0ca8  C:\Windows\System32\gpsvc.dll - ok
15:58:39.0198 0x0ca8  [ 16D4D2D721E6DB8518225A37674163F8, 71758864366EC18DA2AF9D8C79E1A76D7C71E17CBE53DB414BD55C61ADCC364D ] C:\Windows\System32\nlaapi.dll
15:58:39.0198 0x0ca8  C:\Windows\System32\nlaapi.dll - ok
15:58:39.0198 0x0ca8  [ 409F36C8BD06FCE184631EB4142B009A, 5DEEA3B8937B9C3DD716060819E78A1C12AD00A7D0EC8CB47823B7EE856CCFE1 ] C:\Windows\System32\atl.dll
15:58:39.0198 0x0ca8  C:\Windows\System32\atl.dll - ok
15:58:39.0198 0x0ca8  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] C:\Windows\System32\es.dll
15:58:39.0214 0x0ca8  C:\Windows\System32\es.dll - ok
15:58:39.0214 0x0ca8  [ 217B3071BA854D5D704EE24CFF7E5F9C, 57F40ED08C4E6584E21362ACE490D86890F422A7B8DD41305D985ABFD18DC5D3 ] C:\Windows\System32\WindowsCodecs.dll
15:58:39.0214 0x0ca8  C:\Windows\System32\WindowsCodecs.dll - ok
15:58:39.0214 0x0ca8  [ A7F8BAD9590ADDC425B4003E94780DFA, 52F742BA0DF75CBD3625808FC38119C3F417A074AB65C6CC2B07610168D89CB7 ] C:\Windows\System32\drivers\spsys.sys
15:58:39.0214 0x0ca8  C:\Windows\System32\drivers\spsys.sys - ok
15:58:39.0229 0x0ca8  [ 8269CC01940A202BBB9FDF26705DBD67, 70DAB5CBEB5B2855784A9F6E3A52FD36C6FE18415FB01176481F85AEF5B3E67B ] C:\Windows\System32\hid.dll
15:58:39.0229 0x0ca8  C:\Windows\System32\hid.dll - ok
15:58:39.0229 0x0ca8  [ 44C335EB7724E4CF9E8BAFECA36CC847, 9DB0674B2279D2992319B8B65B5B16162086900AAAB8214AE1E8C98044174292 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7F330AA3-2DC4-4A57-A5F0-F8C512E88A1D}\mpasdlta.vdm
15:58:39.0229 0x0ca8  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7F330AA3-2DC4-4A57-A5F0-F8C512E88A1D}\mpasdlta.vdm - ok
15:58:39.0229 0x0ca8  [ 00000000000000000000000000000000, 0000000000000000000000000000000000000000000000000000000000000000 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7F330AA3-2DC4-4A57-A5F0-F8C512E88A1D}\mpavbase.vdm
15:58:39.0229 0x0ca8  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7F330AA3-2DC4-4A57-A5F0-F8C512E88A1D}\mpavbase.vdm - ok
15:58:39.0245 0x0ca8  [ 1DBB5A01A04237826F0A5219EE5ED2CA, 602F837007ABA576BE454FB6D693CF2FEC87EBC52E5C2C714EA3D0E549C9BEBA ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7F330AA3-2DC4-4A57-A5F0-F8C512E88A1D}\mpavdlta.vdm
15:58:39.0245 0x0ca8  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7F330AA3-2DC4-4A57-A5F0-F8C512E88A1D}\mpavdlta.vdm - ok
15:58:39.0245 0x0ca8  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] C:\Windows\System32\uxsms.dll
15:58:39.0245 0x0ca8  C:\Windows\System32\uxsms.dll - ok
15:58:39.0261 0x0ca8  [ E118F7CFD80C1346BDC37B64E1270DD6, 6DB61DF82CE065B77A393154B4AAD82351CF66CFC6DD1DC8A98D885DCA41DD38 ] C:\Windows\System32\mshtml.dll
15:58:39.0261 0x0ca8  C:\Windows\System32\mshtml.dll - ok
15:58:39.0261 0x0ca8  [ 4DF066ECEE5A7B20BF8B39EF4D646600, CA1859155E0187388E3C774B796A27B773C026E4D06C9193EF6B23C6990E4E8E ] C:\Windows\System32\wdmaud.drv
15:58:39.0261 0x0ca8  C:\Windows\System32\wdmaud.drv - ok
15:58:39.0261 0x0ca8  [ 919CC2A0476D5A6A4C935D4B88E29912, E9884E7565BAA72CEF0B805908B1B78C759074E9402CB5CC563A2F73B875DCBA ] C:\Windows\System32\ksuser.dll
15:58:39.0261 0x0ca8  C:\Windows\System32\ksuser.dll - ok
15:58:39.0276 0x0ca8  [ BE377621E2D2B483F8EF447079E55585, 602159B1E5A4DF24C88D1C0AF769BE683667E5851FE13AC70B71F854CC368F9B ] C:\Windows\System32\AudioEng.dll
15:58:39.0276 0x0ca8  C:\Windows\System32\AudioEng.dll - ok
15:58:39.0276 0x0ca8  [ 7258434974EA735725FD2D4A65C5E821, 4D4BCEEDAA3B293B599CED5777E3695C8B1A07805FE84223A72A5785CA68E6F4 ] C:\Windows\System32\AudioSes.dll
15:58:39.0276 0x0ca8  C:\Windows\System32\AudioSes.dll - ok
15:58:39.0276 0x0ca8  [ BDBB449425991154135E5ED1559927E6, C89AE8DD76EC8F669B5FFA9F8CBB4531743D3E1D8975B416EF2CB5AB35DB4EF2 ] C:\Windows\System32\msacm32.dll
15:58:39.0276 0x0ca8  C:\Windows\System32\msacm32.dll - ok
15:58:39.0292 0x0ca8  [ 166F004D73EA2CF4AC61800CA469458D, 7C1D83DC49505E452D7AFD843312B1B197BBB613D604BFF41FD4235B06F24EF3 ] C:\Windows\System32\msacm32.drv
15:58:39.0292 0x0ca8  C:\Windows\System32\msacm32.drv - ok
15:58:39.0292 0x0ca8  [ 83199EF88D691E730B80666E29F90D58, A7D3E5CA5AE7308201159A25BE59C0A90C079F88F0D588BEA7CE98BBD2838FB0 ] C:\Windows\System32\midimap.dll
15:58:39.0292 0x0ca8  C:\Windows\System32\midimap.dll - ok
15:58:39.0307 0x0ca8  [ E50A95179211B12946F7E035D60AF560, 69765E2548BA708FF35545EC944DBA1940AD4065AF90E53B97A7792AC231DCF7 ] C:\Windows\System32\drivers\irda.sys
15:58:39.0307 0x0ca8  C:\Windows\System32\drivers\irda.sys - ok
15:58:39.0307 0x0ca8  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] C:\Windows\System32\drivers\lltdio.sys
15:58:39.0307 0x0ca8  C:\Windows\System32\drivers\lltdio.sys - ok
15:58:39.0307 0x0ca8  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] C:\Windows\System32\drivers\nwifi.sys
15:58:39.0307 0x0ca8  C:\Windows\System32\drivers\nwifi.sys - ok
15:58:39.0323 0x0ca8  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] C:\Windows\System32\drivers\ndisuio.sys
15:58:39.0323 0x0ca8  C:\Windows\System32\drivers\ndisuio.sys - ok
15:58:39.0323 0x0ca8  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] C:\Windows\System32\drivers\rspndr.sys
15:58:39.0323 0x0ca8  C:\Windows\System32\drivers\rspndr.sys - ok
15:58:39.0323 0x0ca8  [ 56B73070DB745E192307EB7AB6C55CD5, 23F924A5C89EBBB191668D0D59A483C204E38F7F6FB701E0D7B76FD2CDEF71F6 ] C:\Windows\System32\AUDIOKSE.dll
15:58:39.0323 0x0ca8  C:\Windows\System32\AUDIOKSE.dll - ok
15:58:39.0339 0x0ca8  [ 3AB4023CBD406AC33AB8CDFF6C8079A0, BEAC47A3930E7E0A38540DAD16C934A45CD129251C621B1334715CF8FB6073CA ] C:\Windows\System32\eapphost.dll
15:58:39.0339 0x0ca8  C:\Windows\System32\eapphost.dll - ok
15:58:39.0339 0x0ca8  [ 3B0489DE8CC3058B48471660C60A7B75, A4EE12ACE2EB2E48E0D40A8845E3DCE8CF5A9D07EF29EE38F25A7F5BE3566919 ] C:\Windows\System32\rastls.dll
15:58:39.0339 0x0ca8  C:\Windows\System32\rastls.dll - ok
15:58:39.0354 0x0ca8  [ B9AAF2FE00358A06CA7ABCAD17EB46DF, 56CF12F6D8AE46DF325CFFF8DE149131060402BA27D45770EB51AB169E60B584 ] C:\Windows\System32\ati2edxx.dll
15:58:39.0354 0x0ca8  C:\Windows\System32\ati2edxx.dll - ok
15:58:39.0354 0x0ca8  [ 82A79D5BE740D0AE9C91AA6DE4B3AC5A, C7E9FB7FE06626931A64846AE628655FC5469D840E42315E5E70C89810E622B3 ] C:\Windows\System32\raschap.dll
15:58:39.0354 0x0ca8  C:\Windows\System32\raschap.dll - ok
15:58:39.0354 0x0ca8  [ 47DCAB2E600A6C7D068D21FC6D9435E9, 4AB0621BF8DA4DAF1F54C9115C14B79E6BCD97B54FEBD57B211E48665F3C00C7 ] C:\Windows\System32\atipdlxx.dll
15:58:39.0354 0x0ca8  C:\Windows\System32\atipdlxx.dll - ok
15:58:39.0370 0x0ca8  [ AE19B1CFC0F94E89EC0F07360C3847E5, AC3AE55D0ECAB7E66D9E15AB17F7DC65C9AFCE2D0AF7850B1925E9A6A84A5359 ] C:\Windows\System32\Ati2evxx.dll
15:58:39.0370 0x0ca8  C:\Windows\System32\Ati2evxx.dll - ok
15:58:39.0370 0x0ca8  [ C733F39BF75A17693A360EBFB82C146C, B28FD5D8ACDF4D6E81E25FDB643A3CCD7DD5A36ACE0A273ABE26ECA46AA32C07 ] C:\Windows\System32\DaisyWrp.dll
15:58:39.0370 0x0ca8  C:\Windows\System32\DaisyWrp.dll - ok
15:58:39.0370 0x0ca8  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] C:\Windows\System32\dnsrslvr.dll
15:58:39.0370 0x0ca8  C:\Windows\System32\dnsrslvr.dll - ok
15:58:39.0385 0x0ca8  [ E9D1EF681E0F3B95C9B5FD648FA95371, EC9F612972E3942B4CD92AD18B8AF8E9961B0A16F98828261DFDA89D98E4E94F ] C:\Windows\System32\wshirda.dll
15:58:39.0385 0x0ca8  C:\Windows\System32\wshirda.dll - ok
15:58:39.0385 0x0ca8  [ 9D9CCA142EFBB7F592E71CB91AC6C92D, 479C702A6E125AF7957F2E6932365D54CCE628D8CACB2FED83F964CF340B75C6 ] C:\Windows\System32\RtkAPO.dll
15:58:39.0385 0x0ca8  C:\Windows\System32\RtkAPO.dll - ok
15:58:39.0385 0x0ca8  [ E45051C374F845EDF3DB02A35BA13193, A42F9E45F7B6733AE4FB9A10E8CEB30508CAE94AC0CFC4CDF352AC2D153A0957 ] C:\Windows\System32\umb.dll
15:58:39.0385 0x0ca8  C:\Windows\System32\umb.dll - ok
15:58:39.0401 0x0ca8  [ 3727F8B85E24BBDD325BFF75F029DDE3, 18772D32845D44D36A6257379942952B301CF8357B1C7A55387A4F2661CE3FBA ] C:\Windows\System32\wlanmsm.dll
15:58:39.0401 0x0ca8  C:\Windows\System32\wlanmsm.dll - ok
15:58:39.0401 0x0ca8  [ 4662AF853DFAD5648CE3814E7D9EF3D6, 47AF7FAA6378FC1484521465EF3258E55530ADEF880454EA523B03B302166268 ] C:\Windows\System32\wlansec.dll
15:58:39.0401 0x0ca8  C:\Windows\System32\wlansec.dll - ok
15:58:39.0417 0x0ca8  [ 41DFDCFCEF4878407AF1F6DCCA1CE905, A2EB1BAEDE62752C5705B37D0261D98CA65EA5A6FD6A94AFF1C73FF7D969D242 ] C:\Windows\System32\WMALFXGFXDSP.dll
15:58:39.0417 0x0ca8  C:\Windows\System32\WMALFXGFXDSP.dll - ok
15:58:39.0417 0x0ca8  [ BF142D4F8C61ED3629A9CDD7BA867900, B7928A0143945CB5F19AE888BC1ED1B9C450807A5B8C65FDC139A46777B2827F ] C:\Windows\System32\mfplat.dll
15:58:39.0417 0x0ca8  C:\Windows\System32\mfplat.dll - ok
15:58:39.0417 0x0ca8  [ B64AC7967D6B9FB2D6152AC768A1CB88, D4F46C3DCAE8A7578102961285BB90BFE1BDE31028CC56E2CEFE0DE8FF32FB85 ] C:\Windows\System32\onex.dll
15:58:39.0417 0x0ca8  C:\Windows\System32\onex.dll - ok
15:58:39.0432 0x0ca8  [ 5D0FE613570CABE3992F7DBCD68E61D1, 68A6D6DA722E9A5120DE240194F9682ACBB485CEBDD8A6A099AE0E76359302B9 ] C:\Windows\System32\eappcfg.dll
15:58:39.0432 0x0ca8  C:\Windows\System32\eappcfg.dll - ok
15:58:39.0432 0x0ca8  [ 9D9FFC923FADBB575E0452EA0BBB15BD, 700A292EFEC71EDF2EF7F20D147F6E23E0FAA5BAF1D930CB96C40FC70D206D35 ] C:\Windows\System32\eappprxy.dll
15:58:39.0432 0x0ca8  C:\Windows\System32\eappprxy.dll - ok
15:58:39.0432 0x0ca8  [ 91D995A67D9447592A1BF21CBC15C628, B9C034997481150E3F6EB0EC83EA30AFE04CFF6B1273AC6EC6795C57DF853C64 ] C:\Windows\System32\wlgpclnt.dll
15:58:39.0432 0x0ca8  C:\Windows\System32\wlgpclnt.dll - ok
15:58:39.0448 0x0ca8  [ 19FFAD68A02AF1BF0BC336EE26CD6767, C3E6E79A1E6681CE988591F3CADB3F08E37ACAB2D8478A250D9D6881F6C716A6 ] C:\Windows\System32\l2gpstore.dll
15:58:39.0448 0x0ca8  C:\Windows\System32\l2gpstore.dll - ok
15:58:39.0448 0x0ca8  [ EB2170D0DDF3B2A92506AE16BC524B0B, 95E296024DC16657BA36DB72E7AB774C68A6F8029B2ACB18460FC50E44AE5DA9 ] C:\Windows\System32\wlanutil.dll
15:58:39.0448 0x0ca8  C:\Windows\System32\wlanutil.dll - ok
15:58:39.0463 0x0ca8  [ 1E06779EDB55D035DD3F4A2B7432A291, 247E0A741C23D2C9CA1784CECF63211EA0D4ED924CDA866DAA6F51256230BB32 ] C:\Windows\System32\msxml6.dll
15:58:39.0463 0x0ca8  C:\Windows\System32\msxml6.dll - ok
15:58:39.0463 0x0ca8  [ 9474AD3584430D24DA87517F9DB0CBB2, 62AF2AD461E255B2B646F7462A7F2592BC7CE2FCAC980F09B5E8AC54F3C912D0 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll
15:58:39.0463 0x0ca8  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll - ok
15:58:39.0463 0x0ca8  [ 23C3A0680042C0D1DE1F360F8B62BC57, 258907CF0989CFFA469AAFA31A133BDBC8EA2C728975577DFCEB837B708FF107 ] C:\Windows\System32\wlanext.exe
15:58:39.0463 0x0ca8  C:\Windows\System32\wlanext.exe - ok
15:58:39.0479 0x0ca8  [ CA0B849566776A17F35F0339BE17DFD9, 527FFE08A427703F3620DB7C44E096A7F9D0C88AD1FD8F0623815B7E7D78687A ] C:\Windows\System32\ktmw32.dll
15:58:39.0479 0x0ca8  C:\Windows\System32\ktmw32.dll - ok
15:58:39.0479 0x0ca8  [ 6BC5FCEF351E4CB5A269C1E84B5A06DA, A5CAB1752E7AB7A37E1F8B943FBBDF6FACAFC228FF6D0321E61D2501D2653BB7 ] C:\Windows\System32\netcfgx.dll
15:58:39.0479 0x0ca8  C:\Windows\System32\netcfgx.dll - ok
15:58:39.0479 0x0ca8  [ A99871BA522CB2539AE275AC18CACC8F, CBE1F5B357AAE3EA03E8E0AE2E1A1DE4EDF8F35AD056DCF1DC4E413284C86FC3 ] C:\Windows\System32\cabinet.dll
15:58:39.0479 0x0ca8  C:\Windows\System32\cabinet.dll - ok
15:58:39.0495 0x0ca8  [ 2A6A2C09ECC2CB495628E45F1379ECE8, 4E9232EB29AEA58C4EC5B505301F01F62EFB0C1BC5F8B5F9CE1B4C91284FD97D ] C:\Windows\System32\taskcomp.dll
15:58:39.0495 0x0ca8  C:\Windows\System32\taskcomp.dll - ok
15:58:39.0495 0x0ca8  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] C:\Windows\System32\drivers\http.sys
15:58:39.0495 0x0ca8  C:\Windows\System32\drivers\http.sys - ok
15:58:39.0510 0x0ca8  [ 73FE2E5FA55088A241AA2732F5D387D6, EB8822FD08C0C85441BBE86FE55349BFE2D8297A042249B2934B44121D132CCB ] C:\Windows\System32\wiarpc.dll
15:58:39.0510 0x0ca8  C:\Windows\System32\wiarpc.dll - ok
15:58:39.0510 0x0ca8  [ E79FDA8D320147FDC347C504B3487F87, 7BAF7C9828A285875BCF92EF33E1F0F5A2ED8A25289333985A9428E2913DF3CC ] C:\Windows\System32\spoolss.dll
15:58:39.0510 0x0ca8  C:\Windows\System32\spoolss.dll - ok
15:58:39.0510 0x0ca8  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] C:\Windows\System32\drivers\srvnet.sys
15:58:39.0510 0x0ca8  C:\Windows\System32\drivers\srvnet.sys - ok
15:58:39.0526 0x0ca8  [ EE16F3E01C4A6C77383F1BBBD10AD6C2, 204BF3757B362EDBCEC29C0576B7F666D6B9422C72491F4C566B27D20F45A031 ] C:\Windows\System32\FWPUCLNT.DLL
15:58:39.0526 0x0ca8  C:\Windows\System32\FWPUCLNT.DLL - ok
15:58:39.0526 0x0ca8  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] C:\Windows\System32\drivers\bowser.sys
15:58:39.0526 0x0ca8  C:\Windows\System32\drivers\bowser.sys - ok
15:58:39.0541 0x0ca8  [ A0F4852A5DB9754BEC06F84B400AE743, B233988541B738FC8082F6A286A88DE40679476D3914E9E541D75B89E451C476 ] C:\Windows\System32\wscapi.dll
15:58:39.0541 0x0ca8  C:\Windows\System32\wscapi.dll - ok
15:58:39.0541 0x0ca8  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] C:\Windows\System32\drivers\mpsdrv.sys
15:58:39.0541 0x0ca8  C:\Windows\System32\drivers\mpsdrv.sys - ok
15:58:39.0541 0x0ca8  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] C:\Windows\System32\drivers\mrxsmb.sys
15:58:39.0541 0x0ca8  C:\Windows\System32\drivers\mrxsmb.sys - ok
15:58:39.0557 0x0ca8  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] C:\Windows\System32\MPSSVC.dll
15:58:39.0557 0x0ca8  C:\Windows\System32\MPSSVC.dll - ok
15:58:39.0557 0x0ca8  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] C:\Windows\System32\drivers\mrxsmb10.sys
15:58:39.0557 0x0ca8  C:\Windows\System32\drivers\mrxsmb10.sys - ok
15:58:39.0557 0x0ca8  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] C:\Windows\System32\drivers\mrxsmb20.sys
15:58:39.0557 0x0ca8  C:\Windows\System32\drivers\mrxsmb20.sys - ok
15:58:39.0573 0x0ca8  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] C:\Windows\System32\drivers\srv2.sys
15:58:39.0573 0x0ca8  C:\Windows\System32\drivers\srv2.sys - ok
15:58:39.0573 0x0ca8  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] C:\Windows\System32\drivers\srv.sys
15:58:39.0573 0x0ca8  C:\Windows\System32\drivers\srv.sys - ok
15:58:39.0573 0x0ca8  [ D333058925CE305E39DE8D5AD2B52A46, 29E40E6DCAB4F3559B34A848AEDA34B5D436C9167565856451028DE25A529EDF ] C:\Windows\System32\clusapi.dll
15:58:39.0573 0x0ca8  C:\Windows\System32\clusapi.dll - ok
15:58:39.0588 0x0ca8  [ A324D72A06C110152E7607745F39BFA1, 7E33A108B090840FC98953358216A1D84C122D965E37B37335B0EF6152CA9FC0 ] C:\Windows\System32\netmsg.dll
15:58:39.0588 0x0ca8  C:\Windows\System32\netmsg.dll - ok
15:58:39.0588 0x0ca8  [ 452341E471D2D961229DFE0842957272, 43C3DEEFCD27F10DCFF81D8637EBDE5050ADC3E530A5DCC459D1CFF80BFD0067 ] C:\Windows\System32\sscore.dll
15:58:39.0588 0x0ca8  C:\Windows\System32\sscore.dll - ok
15:58:39.0604 0x0ca8  [ 6468C3FF6D0C7874FA8C619AF3E23B22, 2A8A01D5164453544A9DD1B850C24B82EFE6ACAABED56084B8A0388AC383802B ] C:\Windows\System32\activeds.dll
15:58:39.0604 0x0ca8  C:\Windows\System32\activeds.dll - ok
15:58:39.0604 0x0ca8  [ E9B9C1B98C8D6D48407E1C1203EAC659, A7B836B37935475E7D7277F9A7828E347B2EBD14958836499E5610AC5A922265 ] C:\Windows\System32\adsldpc.dll
15:58:39.0604 0x0ca8  C:\Windows\System32\adsldpc.dll - ok
15:58:39.0604 0x0ca8  [ 93E317D7AD783D8EAEE2E3500BFE889D, 12D3ACCBF470E025EEBD77CF3407964950DADCF6991959A97B5319A9FAE219C1 ] C:\Windows\System32\credui.dll
15:58:39.0604 0x0ca8  C:\Windows\System32\credui.dll - ok
15:58:39.0619 0x0ca8  [ 0745D6EAD386710110817FBEC03F5161, FF725C5361087985973BA21DF9BD37B96377CB3305B8BBA99DD3368D440CEAD1 ] C:\Windows\System32\wfapigp.dll
15:58:39.0619 0x0ca8  C:\Windows\System32\wfapigp.dll - ok
15:58:39.0619 0x0ca8  [ 5F1DEC3824E566457F53F24F493FEF08, 8ED9B269E5195BD11FF7ED6EBBC19FA32027AD068DF357660C9E5084922329B5 ] C:\Windows\System32\mscms.dll
15:58:39.0619 0x0ca8  C:\Windows\System32\mscms.dll - ok
15:58:39.0619 0x0ca8  [ 4A1E806032413883BAF1E9A6047BC668, 4D8EA2B36B57C7ABF131193B9C23B1A7209A3464C2716C471C7F8C11E0FA9E62 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll
15:58:39.0619 0x0ca8  C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll - ok
15:58:39.0635 0x0ca8  [ B9F3FF52B84FD9E3CAFB29B8EE385E5B, 3944E3C0FCD8E927A8A6470D8A603C96D298695AE62831DBE6DA656C5D74EC05 ] C:\Windows\System32\resutils.dll
15:58:39.0635 0x0ca8  C:\Windows\System32\resutils.dll - ok
15:58:39.0635 0x0ca8  [ 1311171CF8F6D2954441EF2A42693035, 516FFF8E8DCEE409EF525276EAEB62DB67BA63448D9ED4B53F412F70A587799C ] C:\Windows\System32\WsmRes.dll
15:58:39.0635 0x0ca8  C:\Windows\System32\WsmRes.dll - ok
15:58:39.0635 0x0ca8  [ E230F3776F373F4C5E788794B53101E4, 5E1B28C8A0EC67F1EC720AC7800021288A69B4E13C5DF3603EC4FCCDBE42DAFA ] C:\Windows\System32\plasrv.exe
15:58:39.0651 0x0ca8  C:\Windows\System32\plasrv.exe - ok
15:58:39.0651 0x0ca8  [ BE01E566D1F569AAB32D0335613E1EEA, 997B248BFBDB290206A8496722D6102903634EC0D397694569BC237A681C088F ] C:\Windows\System32\dllhost.exe
15:58:39.0651 0x0ca8  C:\Windows\System32\dllhost.exe - ok
15:58:39.0651 0x0ca8  [ 1DACD1530C6E58AEAE9F6DE7DA851935, 923C936B935BDCCBE7DD0D6F2921CFA5980FC15F950E29B72E649AC0B9867EB2 ] C:\Windows\System32\shimeng.dll
15:58:39.0651 0x0ca8  C:\Windows\System32\shimeng.dll - ok
15:58:39.0666 0x0ca8  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] C:\Windows\System32\drivers\parport.sys
15:58:39.0666 0x0ca8  C:\Windows\System32\drivers\parport.sys - ok
15:58:39.0666 0x0ca8  [ 72D6D8E2D4F82C6E829125C7EC2A88F9, F357CFC3D04EB3F8E1A504D531D099698C6E2B29EB6CEDF75C08BF8917C46573 ] C:\Program Files\SUPERAntiSpyware\SASCore.exe
15:58:39.0666 0x0ca8  C:\Program Files\SUPERAntiSpyware\SASCore.exe - ok
15:58:39.0666 0x0ca8  [ 0E135526E9785D085BCD9AEDE6FBCBF9, 75EEA7E5AE90D857B777361A0166F9A82E354F229FD5250AF8738364E6FB45DB ] C:\Windows\System32\userinit.exe
15:58:39.0666 0x0ca8  C:\Windows\System32\userinit.exe - ok
15:58:39.0682 0x0ca8  [ 9B96F6952186336CC6E3D4E08BE2E0AF, B7DFB14DB60D84062B7E2A2293A4F3F5EF986108EF3C9C1E1CDC284F61981731 ] C:\Windows\System32\dwmapi.dll
15:58:39.0682 0x0ca8  C:\Windows\System32\dwmapi.dll - ok
15:58:39.0682 0x0ca8  [ D80C6539C00CB4F5D59066865479C308, 53AC27856FC65361FEA6FDF97A94ABEC530AB81113A64428E9F9F8618DCE6D4B ] C:\Windows\System32\dwmredir.dll
15:58:39.0682 0x0ca8  C:\Windows\System32\dwmredir.dll - ok
15:58:39.0697 0x0ca8  [ C99403A5B641520DAED0021DDA06F272, 5E337BDA9D4899A7102F35592766F24699F41BE27A18D0EDF4902B27BE9EA0AF ] C:\Windows\System32\milcore.dll
15:58:39.0697 0x0ca8  C:\Windows\System32\milcore.dll - ok
15:58:39.0697 0x0ca8  [ D6916995A3736E41224FC757E6520060, 374927C9AA4FDEE2AC4A66323D80F79216B19FFD0D42F252208E9F56FCEEC13C ] C:\Program Files\AVG\AVG2015\avgfws.exe
15:58:39.0697 0x0ca8  C:\Program Files\AVG\AVG2015\avgfws.exe - ok
15:58:39.0697 0x0ca8  [ 3D50C4B10352367D5CB20ED1F50F8DA2, 03C2732F2DF18CE8CC3CB9EBF2F811A2333C96D8BBC9111F6CCE15A09D8E63E6 ] C:\Windows\System32\taskeng.exe
15:58:39.0697 0x0ca8  C:\Windows\System32\taskeng.exe - ok
15:58:39.0713 0x0ca8  [ B4EA5385A644EA78B2A2D151548D9539, BD49FAFD59D41FEA23B065AA893351AD3E43E67FE1A941CA3FC43CC3CD097E70 ] C:\Program Files\AVG\AVG2015\avgfwcfg3dllx.dll
15:58:39.0713 0x0ca8  C:\Program Files\AVG\AVG2015\avgfwcfg3dllx.dll - ok
15:58:39.0713 0x0ca8  [ 4BA25D2CBE1587A841DCFB8C8C4A6EA6, B30160E759115E24425B9BCDF606EF6EBCE4657487525EDE7F1AC40B90FF7E49 ] C:\Windows\System32\msvcr110.dll
15:58:39.0713 0x0ca8  C:\Windows\System32\msvcr110.dll - ok
15:58:39.0713 0x0ca8  [ 8AAEEE8E59A70F37579993D118A34EE0, 9DC8618557B0D852EEA1163CF312EB68F8DF42486E4E76A74926CF99DB06AC92 ] C:\Windows\System32\d3d9.dll
15:58:39.0713 0x0ca8  C:\Windows\System32\d3d9.dll - ok
15:58:39.0729 0x0ca8  [ 3E29914113EC4B968BA5EB1F6D194A0A, C8D5572CA8D7624871188F0ACABC3AE60D4C5A4F6782D952B9038DE3BC28B39A ] C:\Windows\System32\msvcp110.dll
15:58:39.0729 0x0ca8  C:\Windows\System32\msvcp110.dll - ok
15:58:39.0729 0x0ca8  [ AF24A9DF84637BF9858EC6FB88EBA7B2, 0F77BA28FACD1E0BD8C9C8AB7F89EBCF095C6A9D1522FA7158E848ACE3446B4C ] C:\Windows\System32\snmpapi.dll
15:58:39.0729 0x0ca8  C:\Windows\System32\snmpapi.dll - ok
15:58:39.0744 0x0ca8  [ CD6DA5770CAE9D5E6E86722E17B442E0, 9F0EE70460FFA43E869C3821F0AF6646D97E0F463A87B50B167ECAD44DF2E523 ] C:\Windows\System32\d3d8thk.dll
15:58:39.0744 0x0ca8  C:\Windows\System32\d3d8thk.dll - ok
15:58:39.0744 0x0ca8  [ C411C80F90D6732380352B98B37BBD53, FC5A45F208072249CAA1CA9A602FEBAD24A87166628275AC15FE37B7EEF00A40 ] C:\Windows\System32\winrnr.dll
15:58:39.0744 0x0ca8  C:\Windows\System32\winrnr.dll - ok
15:58:39.0744 0x0ca8  [ 2759CFCDB361F6F46D50BD2AFD7D4BCD, A3EEC4FE01747F42F3168999FBDCAFAF8FD5A68BFDB417BBF990AEDD78C6345E ] C:\Windows\System32\atiumdag.dll
15:58:39.0744 0x0ca8  C:\Windows\System32\atiumdag.dll - ok
15:58:39.0760 0x0ca8  [ D07D4C3038F3578FFCE1C0237F2A1253, 135DD05678C8997B45982D77298DBDD98061C9D4FE43D77866846012EB061A04 ] C:\Windows\explorer.exe
15:58:39.0760 0x0ca8  C:\Windows\explorer.exe - ok
15:58:39.0760 0x0ca8  [ A7D525E5C0D91C8C1D84C6BCD25AD77D, BD3D51E302587E33901E5995367B6227743D2385F1420E12C712A62063150318 ] C:\Windows\System32\rasadhlp.dll
15:58:39.0760 0x0ca8  C:\Windows\System32\rasadhlp.dll - ok
15:58:39.0760 0x0ca8  [ 225B28E9303D375314C744AE181DF95F, 6BC8F19F6B4D901661022CD8F4EA90A8F1895B6B3BD1225B3708E2CBDCAB8D50 ] C:\Program Files\AVG\AVG2015\avgidsagent.exe
15:58:39.0760 0x0ca8  C:\Program Files\AVG\AVG2015\avgidsagent.exe - ok
15:58:39.0775 0x0ca8  [ 852442DF51DCB02980181767F9F1D0D0, 8F8441C662044F73989AFC21AFF7EE9FDCF5A722E8461DFA8C7D990B5F0A1330 ] C:\Windows\System32\atiumdva.dll
15:58:39.0775 0x0ca8  C:\Windows\System32\atiumdva.dll - ok
15:58:39.0775 0x0ca8  [ B11FDCA4410D6252964EF97F9A47DE74, 085EDBF22392265B35F0D8A73B1B5DFC0D1CEB4C3493F11361BF4CF6C2223FC5 ] C:\Windows\System32\TSChannel.dll
15:58:39.0775 0x0ca8  C:\Windows\System32\TSChannel.dll - ok
15:58:39.0791 0x0ca8  [ 782C8019C89920A77B1907AD3B4C8FF9, B38C1B9C022B2B2CCC860845ABC7CE2803A251477D07F1DE7B7F7AAB02376EDB ] C:\Windows\System32\HotStartUserAgent.dll
15:58:39.0791 0x0ca8  C:\Windows\System32\HotStartUserAgent.dll - ok
15:58:39.0791 0x0ca8  [ 2B38C7E964FA19A298D04CA177FF8B6F, B233B6AD03217AD72A8F4253FDCF182E6007B5D28178F38BDCACBC16BD69D0CB ] C:\Program Files\AVG\AVG2015\avgwdsvc.exe
15:58:39.0791 0x0ca8  C:\Program Files\AVG\AVG2015\avgwdsvc.exe - ok
15:58:39.0791 0x0ca8  [ 7A623F6B4C51F6F2BC1A31D5787FC0A7, 673A7F086251CC5CB6473BC392A7572566F58A11F4DE1B8D7B3C281A1A5AE11C ] C:\Windows\System32\uDWM.dll
15:58:39.0791 0x0ca8  C:\Windows\System32\uDWM.dll - ok
15:58:39.0807 0x0ca8  [ 58FF11C95C3681C9250914521CB9F036, 21249A7F85FCCC5DF56F67C92D3964CFBD3E9855EABDD2148075200A86868372 ] C:\Windows\System32\drivers\int15.sys
15:58:39.0807 0x0ca8  C:\Windows\System32\drivers\int15.sys - ok
15:58:39.0807 0x0ca8  [ 17FC3EDA0162F513E858B8C8FA7FA6E0, 6A1EE9DA1AB4A038258B6343E28C6F288AAFBBF3075C88BFBADB98C763F906AC ] C:\Windows\System32\vssapi.dll
15:58:39.0807 0x0ca8  C:\Windows\System32\vssapi.dll - ok
15:58:39.0807 0x0ca8  [ AD48183027CAFCEBC322CB9CAC60F9B8, 08ABF5E3E8ABAFEC30C97B59711DB1094A1A7C515B161856547FEFF95397C4B6 ] C:\Windows\System32\WSDApi.dll
15:58:39.0807 0x0ca8  C:\Windows\System32\WSDApi.dll - ok
15:58:39.0822 0x0ca8  [ DC3AE9F1554DCD97F90983DDBDACD83D, 9D3B4E273FDDA77B5B8A258525FA44616C184E58CE1312B47512AAAD5915E073 ] C:\Windows\System32\vsstrace.dll
15:58:39.0822 0x0ca8  C:\Windows\System32\vsstrace.dll - ok
15:58:39.0822 0x0ca8  [ 71B479749F0F52C4FEC726C6FFA2CE1C, ED0F1D94620696941E9633F55AC4130EFBDA3B883CA356BB34D268F4FC7F94F1 ] C:\Windows\System32\cryptnet.dll
15:58:39.0822 0x0ca8  C:\Windows\System32\cryptnet.dll - ok
15:58:39.0838 0x0ca8  [ EC760B0B76A4353DE49D66520EB2141F, ADBF30D100D3837C35695B1ABE3E7EB03FD6B9200B9C1C337325D9E0A3A3ACE4 ] C:\Windows\System32\SensApi.dll
15:58:39.0838 0x0ca8  C:\Windows\System32\SensApi.dll - ok
15:58:39.0838 0x0ca8  [ F86293D93760C70ADF4F19E66E3FA5E8, 444C1B9321D40A0EAB29BBBE72E400A47384D5ED60531441F7D0CDDFFB0244D2 ] C:\Windows\System32\httpapi.dll
15:58:39.0838 0x0ca8  C:\Windows\System32\httpapi.dll - ok
15:58:39.0838 0x0ca8  [ 52E129522C1775DBB8CC252E7A0655C7, 5A3946551605380998FB83EBF6DC88279876F968754A0DFB9D5D91C906228E2A ] C:\Windows\System32\taskschd.dll
15:58:39.0838 0x0ca8  C:\Windows\System32\taskschd.dll - ok
15:58:39.0853 0x0ca8  [ 63396CBB1365769D520E0FD89C2419F2, 897613C16C11E3836F75EA5E645DB2ECEF99B403F50F6E7361B4A7CC80C54904 ] C:\Windows\System32\localspl.dll
15:58:39.0853 0x0ca8  C:\Windows\System32\localspl.dll - ok
15:58:39.0853 0x0ca8  [ F4E1AA5D59C849A4AB47E895DC76B9C8, 0C93E63372D619393D9DDD3EFCA2317A6652276A9FDE0530CD2A06135EE6B46D ] C:\Windows\System32\sfc.dll
15:58:39.0853 0x0ca8  C:\Windows\System32\sfc.dll - ok
15:58:39.0853 0x0ca8  [ 4EDA94333BDB75B1BC0A7610BED34F00, 093FBB55253B8B4168D64DC0518D812C90D6BCFBB2DFA5A441BF339F3634FF84 ] C:\Windows\System32\fundisc.dll
15:58:39.0853 0x0ca8  C:\Windows\System32\fundisc.dll - ok
15:58:39.0869 0x0ca8  [ 57125869A7B9638A5D11DD685AA65EB4, ADDEA7198DD1586D1D4E4DC1091369BC5702CED5E4FF8A0B42A06626D8DA28D7 ] C:\Windows\System32\PlaySndSrv.dll
15:58:39.0869 0x0ca8  C:\Windows\System32\PlaySndSrv.dll - ok
15:58:39.0869 0x0ca8  [ 5EC8FB83F31AA2D6F421F02C3F4F4475, CC325D32700AED6CEA6FA1190C04FEDA9A52DABB3E47D3923BA9BBE06A5EB556 ] C:\Windows\System32\winspool.drv
15:58:39.0869 0x0ca8  C:\Windows\System32\winspool.drv - ok
15:58:39.0885 0x0ca8  [ 99C51F86CE35F6C0621A7C801EEAA718, 598332B53E555E8DD54AD6FB6763A96A780F52F074BD892CC0FD2D68BF5179F0 ] C:\Windows\System32\E_FLBBVE.DLL
15:58:39.0885 0x0ca8  C:\Windows\System32\E_FLBBVE.DLL - ok
15:58:39.0885 0x0ca8  [ 793FF718477345CD5D232C50BED1E452, 1D39CF9F10742C79FF99B9B4E0361EAEA63B4FC545C58B54B55537D18C802941 ] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
15:58:39.0885 0x0ca8  C:\Program Files\Common Files\LightScribe\LSSrvc.exe - ok
15:58:39.0885 0x0ca8  [ B9183B17B4782173F1108192098BD82F, 8913AA8ACD4B1853CA6A7638E0000CAC3CD662269ABD002F59EDE829C1D329BE ] C:\Windows\System32\jnwmon.dll
15:58:39.0885 0x0ca8  C:\Windows\System32\jnwmon.dll - ok
15:58:39.0900 0x0ca8  [ E7D0F91E44D9D3B2116FA549BDCDB756, 96363C567D7BAE7F8D3DE763AF84A1DDD6F2B0B7C790FD1CC3D5D0197E64868F ] C:\Windows\System32\wdscore.dll
15:58:39.0900 0x0ca8  C:\Windows\System32\wdscore.dll - ok
15:58:39.0900 0x0ca8  [ 43E1054C713C48D252A1826C5E14AACA, 46B6A5011EC63F1B8DDC6A2BE013C2BBB59B81310644766C609CAAF4B9A18278 ] C:\Windows\System32\MsCtfMonitor.dll
15:58:39.0900 0x0ca8  C:\Windows\System32\MsCtfMonitor.dll - ok
15:58:39.0900 0x0ca8  [ 37A4DF3BCA563FB7537B881AE91BA9C4, 91687B331F038FC78AEE3A8E57A003DC164A8EAA71415D08ADA856EC5B1BDE7C ] C:\Windows\System32\msxml3.dll
15:58:39.0900 0x0ca8  C:\Windows\System32\msxml3.dll - ok
15:58:39.0916 0x0ca8  [ 6FE5C4B61EC85D746ADFA9FFF8C2AC58, DC756209CA71C009E4CB5F1CF78E77FB76F73BACEFD419D3F06FDCC076176108 ] C:\Windows\System32\HPZ3LLHN.DLL
15:58:39.0916 0x0ca8  C:\Windows\System32\HPZ3LLHN.DLL - ok
15:58:39.0916 0x0ca8  [ C6DA42ADA0C5FC8CB05744229D632B47, 1C0FFD6B1CB0C72DF079F279E24243D2617F37D9DD5142140C3AB5AA3E4647BD ] C:\Windows\System32\msutb.dll
15:58:39.0916 0x0ca8  C:\Windows\System32\msutb.dll - ok
15:58:39.0916 0x0ca8  [ C52CE534397E1D3A442FB4C88A3CBE42, 4289052A24780CEEE9C96290B47FDD596B7D4426F776BB7B2ACCBB6E01B41E52 ] C:\Windows\System32\msonpmon.dll
15:58:39.0916 0x0ca8  C:\Windows\System32\msonpmon.dll - ok
15:58:39.0931 0x0ca8  [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
15:58:39.0931 0x0ca8  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
15:58:39.0931 0x0ca8  [ F7212CD65EAD7862EDCBEB3D6BF6EA0A, BFB5C81C24A2E8D2A4F3C09C378A63A81350937EAE3249651042A4F1890237A2 ] C:\Program Files\AVG\AVG2015\avgwd.dll
15:58:39.0931 0x0ca8  C:\Program Files\AVG\AVG2015\avgwd.dll - ok
15:58:39.0947 0x0ca8  [ 293C5CCD99D332ECC94637FEDA38D1F2, A220C2F2F2C2075B724EFBD15A3F354824859AE28C3A548E76306DD6AE1FB723 ] C:\Windows\System32\TMM.dll
15:58:39.0947 0x0ca8  C:\Windows\System32\TMM.dll - ok
15:58:39.0947 0x0ca8  [ 8CF9168396F730E8A1F3D0D0EF2FDF7C, E7CA4D497697BF24A47CA12B157D24DF6556FE439E17F617A64CE34253D6DB76 ] C:\Program Files\AVG\AVG2015\avgcfgx.dll
15:58:39.0947 0x0ca8  C:\Program Files\AVG\AVG2015\avgcfgx.dll - ok
15:58:39.0947 0x0ca8  [ D7EB32B51B7472FBEE86BFA47B3C4BC5, FD05DDFD25B6B06BA1E61B96B330C685D3794D87DE0E75E80EEFB8DC26D2A1BF ] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
15:58:39.0947 0x0ca8  C:\Program Files\Common Files\LightScribe\LSSProxy.dll - ok
15:58:39.0963 0x0ca8  [ 68231DB65649F5DE777F494FEE8E80AB, 5DD7A44CFB046F1ECD7A48209337483948A2B8A6A3CBCF22016C5CE43FB1093A ] C:\Windows\System32\atitmmxx.dll
15:58:39.0963 0x0ca8  C:\Windows\System32\atitmmxx.dll - ok
15:58:39.0963 0x0ca8  [ 0EE266A90D43E82A07CF33755D6DE1CC, A2594E345A631418E7A961AF66252A1AF0C1E4E0CCCD8F34D52BE43995287F07 ] C:\Program Files\Common Files\LightScribe\LSLog.dll
15:58:39.0963 0x0ca8  C:\Program Files\Common Files\LightScribe\LSLog.dll - ok
15:58:39.0978 0x0ca8  [ 21E2CC202552997CB08751F3B729B421, 86492A055F7287DE8C9DA6381519734A07ECDEF87948E2CAE6DB9BF92D8A5CD7 ] C:\Program Files\AVG\AVG2015\avgsecapix.dll
15:58:39.0978 0x0ca8  C:\Program Files\AVG\AVG2015\avgsecapix.dll - ok
15:58:39.0978 0x0ca8  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC, 372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593197D7C41BBFFB2 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
15:58:39.0978 0x0ca8  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
15:58:39.0978 0x0ca8  [ BAC7D3632B09A5DF7D2BD067933E49E0, DAEFF8789189D253CA72B7D41EDDBAA082F35B03B45BE249DA9FA9CFEB4B546A ] C:\Windows\System32\msi.dll
15:58:39.0978 0x0ca8  C:\Windows\System32\msi.dll - ok
15:58:39.0994 0x0ca8  [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] C:\Windows\System32\drivers\mdmxsdk.sys
15:58:39.0994 0x0ca8  C:\Windows\System32\drivers\mdmxsdk.sys - ok
15:58:39.0994 0x0ca8  [ 94B8279FC0E27A8253944DFA47FC4A83, D799003BD163200F7DE0EC882756EF08AA70C45BF0518E3BC6DB8B8FB74BF663 ] C:\Windows\System32\drivers\NisDrvWFP.sys
15:58:39.0994 0x0ca8  C:\Windows\System32\drivers\NisDrvWFP.sys - ok
15:58:40.0009 0x0ca8  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] C:\Windows\System32\drivers\PEAuth.sys
15:58:40.0009 0x0ca8  C:\Windows\System32\drivers\PEAuth.sys - ok
15:58:40.0009 0x0ca8  [ 66BCFB248EF26CABCD955FB27A7D439B, 5F7187CF064A9BDC7E82403A0BD3EE6B5113678A1FB4F9A67F8D3109D9E13801 ] C:\Windows\System32\ncsi.dll
15:58:40.0009 0x0ca8  C:\Windows\System32\ncsi.dll - ok
15:58:40.0009 0x0ca8  [ 79D7117E62709C7690CF3DD55ACEAD37, BB05CD9B7B966AD5B26DA8647CCB0FD0786CDD3C7BB22FCEE5005CD4A253FBD9 ] C:\Windows\System32\drivers\PSDNServ.sys
15:58:40.0009 0x0ca8  C:\Windows\System32\drivers\PSDNServ.sys - ok
15:58:40.0025 0x0ca8  [ 01BCD91CC2B0EFDA4890F547010750BD, 34B99B58AC2CEC8EF089C9B82D3ADEAD721B32B5F884399E8A9D2252B8AB5C02 ] C:\Windows\System32\ssdpapi.dll
15:58:40.0025 0x0ca8  C:\Windows\System32\ssdpapi.dll - ok
15:58:40.0025 0x0ca8  [ BB0EB921877A1A7EF15AE2D97A71CBA9, 8F197D95D054A67AA01131ABFFF37743004D6A270D45D37C753EC07AB9461F94 ] C:\Windows\System32\tcpmon.dll
15:58:40.0025 0x0ca8  C:\Windows\System32\tcpmon.dll - ok
15:58:40.0025 0x0ca8  [ CAE5E82827990CF4BD4A49576BDE3A43, 3A8B9CF9A8F50337F164F4996AB05602EEA403054577253FFFFEBB0B70F77208 ] C:\Windows\System32\drivers\PSDVdisk.sys
15:58:40.0025 0x0ca8  C:\Windows\System32\drivers\PSDVdisk.sys - ok
15:58:40.0041 0x0ca8  [ 1EDE113859276E4B0F19B80F39E2CC95, 5467FBB97D1A192B720644A008752C27D14287998B328AF8FFF6DB4CB95D92EE ] C:\Windows\System32\wsnmp32.dll
15:58:40.0041 0x0ca8  C:\Windows\System32\wsnmp32.dll - ok
15:58:40.0041 0x0ca8  [ 17E0BEF5CA5C9CE52CC8082AC6EBC449, F05A32DA0A62144AAE78A3A9173F21F52FAED4E39F9250B3E1B11066760B2576 ] C:\Program Files\Cyberlink\Shared files\RichVideo.exe
15:58:40.0041 0x0ca8  C:\Program Files\Cyberlink\Shared files\RichVideo.exe - ok
15:58:40.0056 0x0ca8  [ A6272F8CF18F9A03A9375A234603CEBF, 1DE9562D63E92B77C3B7C1ECA27EC5A45C6D7FA04EAE3DC1D58F773CDA3086AF ] C:\Program Files\AVG\AVG2015\avgremovalx.dll
15:58:40.0056 0x0ca8  C:\Program Files\AVG\AVG2015\avgremovalx.dll - ok
15:58:40.0056 0x0ca8  [ 5091452DC719281CF1DD69367E13B494, 565345BA7155D82503445AF74DFC3D34BC58B230DD5AEF32A0DDF41C200576C9 ] C:\Windows\System32\tcpmib.dll
15:58:40.0056 0x0ca8  C:\Windows\System32\tcpmib.dll - ok
15:58:40.0072 0x0ca8  [ B4F5DE3DAD8E6B97272F45DB97674878, 31136700BE3EDACBD1FC6E795F607950A5ECD8129898C57D74B3CE6573DD250E ] C:\Windows\System32\mgmtapi.dll
15:58:40.0072 0x0ca8  C:\Windows\System32\mgmtapi.dll - ok
15:58:40.0072 0x0ca8  [ 0BF0BB276F17B6AD61A8694D2551EC28, 4A2843F02DC6A83BDB3A6602FCAEA50D8C11AD32E5B4B070095C59D6B35AF51D ] C:\Windows\System32\usbmon.dll
15:58:40.0072 0x0ca8  C:\Windows\System32\usbmon.dll - ok
15:58:40.0072 0x0ca8  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
15:58:40.0072 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe - ok
15:58:40.0087 0x0ca8  [ 4C867B62F6100C107A3A8F5E7A10461D, 890A90A16B0ED6B2F5EE16B140C22586B2068389CAF25F630B11CAAC336D7007 ] C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl
15:58:40.0087 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl - ok
15:58:40.0087 0x0ca8  [ BDE89AB6F15F0093A2A7861D1FC413ED, CDD703B147DD2B49FB4DD3EF8E8E97A9496782462AF8D65AC70D3075E4E0514A ] C:\Windows\System32\QAGENT.DLL
15:58:40.0087 0x0ca8  C:\Windows\System32\QAGENT.DLL - ok
15:58:40.0103 0x0ca8  [ 167AC31450C0C53A01FA1491E94D7678, 951744503EF72C6D6DC49720C4E6E65DC1DBB9C8252C89FEE18B396E2ED67EA5 ] C:\Windows\System32\shdocvw.dll
15:58:40.0103 0x0ca8  C:\Windows\System32\shdocvw.dll - ok
15:58:40.0103 0x0ca8  [ 769D027B977CED05658C85E698D3C5B1, AD17B98BC2E2CEA59CC603264F171098AE77F16B7E9C61080F7E2DC50EE74637 ] C:\Windows\System32\QUTIL.DLL
15:58:40.0103 0x0ca8  C:\Windows\System32\QUTIL.DLL - ok
15:58:40.0103 0x0ca8  [ 3606CE1AC3D6A9A9CB7DB35D7F5C54EC, 220911A88EF333BAC01062CC9E83566DBC12B1564D5B58C3A8A039DFDFDB7C6C ] C:\Windows\System32\shfolder.dll
15:58:40.0103 0x0ca8  C:\Windows\System32\shfolder.dll - ok
15:58:40.0119 0x0ca8  [ E582816A4855914DEFFC212E12B3B744, B59C692FE8D19A2D9615D12C6026854C3467B25B3630183D766A32A9584C3115 ] C:\Windows\System32\wsock32.dll
15:58:40.0119 0x0ca8  C:\Windows\System32\wsock32.dll - ok
15:58:40.0119 0x0ca8  [ D9AF104F7E21FA859EFA3C67E5522E88, F821D0A103BCEF48ABECE5EF52F5B48DE19351B196EDCD2A2B1D48DA94A83443 ] C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl
15:58:40.0119 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl - ok
15:58:40.0134 0x0ca8  [ 4504819D18FAC09B6108D8728467E5B2, 46736DE57B2A0592BE1DC53B337A607C8962C305F678E5899D5734D3D4630135 ] C:\Windows\System32\browseui.dll
15:58:40.0134 0x0ca8  C:\Windows\System32\browseui.dll - ok
15:58:40.0134 0x0ca8  [ 0EB1CC5EBFCAAB7DBAEE881E2887F7F9, 0D9AEEDE0B46C104A9472C214B3A6D695972451B5EB6E16D80093EA93CF8ABBE ] C:\Windows\System32\WSDMon.dll
15:58:40.0134 0x0ca8  C:\Windows\System32\WSDMon.dll - ok
15:58:40.0134 0x0ca8  [ 801DECF3A583C270E5C398FCD082E3DD, BA2EB2AA86C8A99FB9140ED535CE6C13EFB810C07A4272643089C8AF4FF47CBE ] C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL
15:58:40.0134 0x0ca8  C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL - ok
15:58:40.0150 0x0ca8  [ F290CDD867E430576BBB636AF7852B03, DEC8571842B2EAEE844993FB9B22FFDD87626057D36E9D89C31D9842D0785409 ] C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
15:58:40.0150 0x0ca8  C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll - ok
15:58:40.0150 0x0ca8  [ 80BD4B26E2CBC0D65445D0463DFF6FC2, 3C36ACAABF7D0EE528424599E151DC9D19A1D2D50E97CAA141E427774F11076D ] C:\Windows\System32\oledlg.dll
15:58:40.0150 0x0ca8  C:\Windows\System32\oledlg.dll - ok
15:58:40.0165 0x0ca8  [ 9D7A3F50C4F002FC3DE6F9B005A9A487, E766A866E6EBDEFE5C9EB5E9AADF1126C46A27457DD910BC59DDFD2FBC37C752 ] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
15:58:40.0165 0x0ca8  C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll - ok
15:58:40.0165 0x0ca8  [ C19492950FB3BB2007D9597AEB0268C2, B469B3E814F4946A3384B0E5F0BB023392CC5E20DF1AB3AEF3377FC84AAE6817 ] C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl
15:58:40.0165 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl - ok
15:58:40.0165 0x0ca8  [ F348280907B38FDBDB3CEF55D456E149, 526A1A46491401EA9BA241ADA76A610E8D98831F8D2C82712B931B481EA5529E ] C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll
15:58:40.0165 0x0ca8  C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll - ok
15:58:40.0181 0x0ca8  [ EA4424793C30ADFA2BD5C51823DBAE1B, 9324D35EE048CF680CC5C966B17EEF3830766C253D31C90E11BBA6718DA780E9 ] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
15:58:40.0181 0x0ca8  C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll - ok
15:58:40.0181 0x0ca8  [ 14E4470BF8ACA69A85D741BA99F75F96, B9DA437B42D56FAF29EF8227A22D842A852F80D5611E114E27FC8A3864E6DEA5 ] C:\Windows\System32\EhStorShell.dll
15:58:40.0181 0x0ca8  C:\Windows\System32\EhStorShell.dll - ok
15:58:40.0197 0x0ca8  [ 111C47816F39A91EAAA18DA0A54E8E63, 6910253AA5DFD7E2656C65B7227E7D546648D6C55600552D79FA275D0331AA00 ] C:\Windows\System32\imageres.dll
15:58:40.0197 0x0ca8  C:\Windows\System32\imageres.dll - ok
15:58:40.0197 0x0ca8  [ 949FABCC074AEF857AEC14648C231491, 7C84B90F249A1B28A6D04EF3ABEBCB6E946179386B9F83ABF3B0EE17CB9E90D6 ] C:\Program Files\Spybot - Search & Destroy 2\snlBase150.bpl
15:58:40.0197 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\snlBase150.bpl - ok
15:58:40.0197 0x0ca8  [ A4E7946B71BBDF8708C7AC97FD9E9008, 3C382EDC2BE010B11006EC41097123C5EE4D2D6FB079B795DAAF37F423864BFD ] C:\Windows\System32\win32spl.dll
15:58:40.0197 0x0ca8  C:\Windows\System32\win32spl.dll - ok
15:58:40.0212 0x0ca8  [ E33D3F7B4F53C7CE9EF350408895F686, 2A6112B585A3F8B7773D399C4D774F8BC61D23697B78B4A59D92855276202524 ] C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
15:58:40.0212 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl - ok
15:58:40.0212 0x0ca8  [ C92E99D43E8F9E796364337CEC5C6594, 3041F5F3EEAB19A5876CEDBEE19D9EDEBC1D710111741E7D1EBBE37E5A2E6D97 ] C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
15:58:40.0212 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl - ok
15:58:40.0228 0x0ca8  [ 08578F3CA5365F896D90CE2BF97FD000, B081E6B39D69141B3AD31E127DA18756EBB68F47E649635D78D45B25EBDC2511 ] C:\Windows\System32\IconCodecService.dll
15:58:40.0228 0x0ca8  C:\Windows\System32\IconCodecService.dll - ok
15:58:40.0228 0x0ca8  [ 4BF053944E973C073339BE841C9ECF28, CDE922AEC912F978C1847C17FA8233D860C38AC249CF095134D2CEA355A6D26A ] C:\Windows\System32\netrap.dll
15:58:40.0228 0x0ca8  C:\Windows\System32\netrap.dll - ok
15:58:40.0228 0x0ca8  [ C0B8B96D018849FD8CCF15FED84E8782, E107AA4ADE150DC309C39BBF47292E7A7F8DD439FAB30791676BC8A1133B9AFD ] C:\Windows\System32\ie4uinit.exe
15:58:40.0228 0x0ca8  C:\Windows\System32\ie4uinit.exe - ok
15:58:40.0243 0x0ca8  [ 48A9C53A272A12685A71F6219A6A3A2D, 86C1025A2B6CABF32FFFF5FDE6FCFEDD0720AACD54C3F9508F1BE79D9EDD1DF1 ] C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
15:58:40.0243 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl - ok
15:58:40.0243 0x0ca8  [ 2D3D47B93E0BE86EEBB261734AB5B6A1, F83A5AB187DA9A3784367C8762AACB07B28871F435B4B39672114BDADB05B894 ] C:\Windows\System32\printcom.dll
15:58:40.0243 0x0ca8  C:\Windows\System32\printcom.dll - ok
15:58:40.0259 0x0ca8  [ 14361FB2FD630988816A4F46AEAF0684, 62444B8B9CF07B281966DD9D22811B67B0F721DE199BCE07C2D3405EAED6B570 ] C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
15:58:40.0259 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll - ok
15:58:40.0259 0x0ca8  [ 2E8E30F3B318A9FDA5A2485723F4C2B3, A2EE1F104D05ACBC7D6A01DDC324391ECC9A40776786DFF310B424193C1B9659 ] C:\Windows\System32\inetpp.dll
15:58:40.0259 0x0ca8  C:\Windows\System32\inetpp.dll - ok
15:58:40.0259 0x0ca8  [ F0FEFB0B5D25A75D478A4317139D937E, CB6EB2891130A410A80F6A1BF0CAC66C429DB7D4ADD0D8484CA4F83D17856441 ] C:\Windows\System32\iedkcs32.dll
15:58:40.0259 0x0ca8  C:\Windows\System32\iedkcs32.dll - ok
15:58:40.0275 0x0ca8  [ 392EFA7A0DB953556525D8B47E778F2A, DB3951369966BCE1B092CD42200F559FF046CAF8DD9500AA0B59FF6A9F6DD95A ] C:\Program Files\AVG\AVG2015\avgidpsdkx.dll
15:58:40.0275 0x0ca8  C:\Program Files\AVG\AVG2015\avgidpsdkx.dll - ok
15:58:40.0275 0x0ca8  [ 00841924EF5DF2801987C752CA39468A, 4B17768C3BAFF84A023217D313E08960034E497BD35C1E35688B0E94BD6B3F1E ] C:\Program Files\AVG\AVG2015\avgwdwsc.dll
15:58:40.0275 0x0ca8  C:\Program Files\AVG\AVG2015\avgwdwsc.dll - ok
15:58:40.0275 0x0ca8  [ 55F69EBB34FAB01557C3495909921E1C, 0C7F2CCBC8141139B4265609340764F827392439E12AB7AF7F8FCDCD67597E2A ] C:\Program Files\AVG\AVG2015\avgshredx.dll
15:58:40.0275 0x0ca8  C:\Program Files\AVG\AVG2015\avgshredx.dll - ok
15:58:40.0290 0x0ca8  [ 74B8C2EA72D43727142D12397D5A49F9, 37E8858211D7BF9DE90CBD22863B18A939C43BA64CAD06229E994A417BD46B0D ] C:\Windows\System32\wbemcomn.dll
15:58:40.0290 0x0ca8  C:\Windows\System32\wbemcomn.dll - ok
15:58:40.0290 0x0ca8  [ 30F0DC266B46118E9FBCF5B2A30EB1DB, 72C59BBD1590EAD91D92C07B3434BE308639CE773E8A2E72751E5396B4B10BA5 ] C:\Windows\System32\wbem\wbemprox.dll
15:58:40.0290 0x0ca8  C:\Windows\System32\wbem\wbemprox.dll - ok
15:58:40.0306 0x0ca8  [ 4B19A9A4191353007E9819A832B81186, 02B78FB11F80763CCB0E30E383247BD76FAC8A25DEE4971E8958EF19A08A719A ] C:\Windows\System32\timedate.cpl
15:58:40.0306 0x0ca8  C:\Windows\System32\timedate.cpl - ok
15:58:40.0306 0x0ca8  [ 8D78BA30DB4AE040A52EDEE725782715, 15099FC7A90B2E8D718D46E02D56026D56B3F043124C3455E79B7B44A027DD11 ] C:\Windows\System32\actxprxy.dll
15:58:40.0306 0x0ca8  C:\Windows\System32\actxprxy.dll - ok
15:58:40.0306 0x0ca8  [ 9B375BB63F99B113C065A5DB4E632E23, 842627E881B8E4D32CBACFD1C13A640603C2709CAFAFB9AF2A5A2AFD0BB569DE ] C:\Program Files\Spybot - Search & Destroy 2\av\scan.dll
15:58:40.0306 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\av\scan.dll - ok
15:58:40.0321 0x0ca8  [ 75EA37AB206050CCD8F31817201C8190, 6BA23A7117436FF6CC6F9E00CAC5EF74E98937218189E84277D59CAA16DFE5B9 ] C:\Windows\System32\spool\drivers\w32x86\3\E_FMAI1BVE.DLL
15:58:40.0321 0x0ca8  C:\Windows\System32\spool\drivers\w32x86\3\E_FMAI1BVE.DLL - ok
15:58:40.0321 0x0ca8  [ 2AC2716E2083A949437CEDB2B6A2E89A, 53713692E86BF76053EA22C71742B977B8B9CA2690A87871DC48F874E3D0BF85 ] C:\Program Files\Windows Media Player\wmpband.dll
15:58:40.0321 0x0ca8  C:\Program Files\Windows Media Player\wmpband.dll - ok
15:58:40.0337 0x0ca8  [ 00C4509D2B0ADE4DCC516F6A6421C708, D29A51E2BAC374A3A896840DC99D5338AB0575DBE48FA1BBA6F62DAD3263A797 ] C:\Windows\System32\spool\drivers\w32x86\3\E_FUIC1BVE.DLL
15:58:40.0337 0x0ca8  C:\Windows\System32\spool\drivers\w32x86\3\E_FUIC1BVE.DLL - ok
15:58:40.0337 0x0ca8  [ FF41E1AC301F51E16F61AD7C0F45467C, 8E8F7C932C4A6EE239BC6F48D064C55872ED309C8F77263159729D0C2EC675DA ] C:\Windows\System32\msshsq.dll
15:58:40.0337 0x0ca8  C:\Windows\System32\msshsq.dll - ok
15:58:40.0337 0x0ca8  [ 1CE4A2790EB4A96F4ED1E4264866AFE6, EA079AABE19E4E15674AB6EC0B92EFBB382CEDE1D43CFF8A118127F7FF891FDA ] C:\Windows\System32\NaturalLanguage6.dll
15:58:40.0337 0x0ca8  C:\Windows\System32\NaturalLanguage6.dll - ok
15:58:40.0353 0x0ca8  [ 5F11E4FB2DA804B7ECA054197895F4E2, 18B918FCEEDAF949C85EBB9AAEC9A0AF07734951A69395816F25B21AE2481A8B ] C:\Windows\System32\spool\drivers\w32x86\3\E_FAUDBVE.DLL
15:58:40.0353 0x0ca8  C:\Windows\System32\spool\drivers\w32x86\3\E_FAUDBVE.DLL - ok
15:58:40.0353 0x0ca8  [ 3BC9A79BCD7BD98A6F492BCF1B6177B9, 6FAB4576077724C08B8D7C118E588C82E4512AC405C367441294B46ADF00A8B7 ] C:\Windows\System32\NlsData0007.dll
15:58:40.0353 0x0ca8  C:\Windows\System32\NlsData0007.dll - ok
15:58:40.0368 0x0ca8  [ E79C797C742DBE11695929A85DDE9AB7, D0738902908B84DA00DE2BACD9B83352F3786BEDEFE548DE6D3181FB20D6D4E6 ] C:\Windows\System32\spool\drivers\w32x86\3\E_FUIRBVE.DLL
15:58:40.0368 0x0ca8  C:\Windows\System32\spool\drivers\w32x86\3\E_FUIRBVE.DLL - ok
15:58:40.0368 0x0ca8  [ 795166DED9B1B32136B150A12A1DEBAE, 289C46B77E828457C2A2FAEABC0E8DE399546001EB66EF877D41AE0682B01FFD ] C:\Windows\System32\NlsLexicons0007.dll
15:58:40.0368 0x0ca8  C:\Windows\System32\NlsLexicons0007.dll - ok
15:58:40.0368 0x0ca8  [ 8C52A202DC85928DA3C685CC139E8161, A9366FB31A8E9A1DD02EE5E6359F99FABC8B1AA1E796B55C0A55811711B96F61 ] C:\Program Files\Spybot - Search & Destroy 2\SDFileScanLibrary.dll
15:58:40.0368 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\SDFileScanLibrary.dll - ok
15:58:40.0384 0x0ca8  [ A944A73CEC5921B871542FE5CC5E03E4, CBFAA80631A6A332697494160A7453645478AC535DCF5F72F75C27D3F325CE88 ] C:\Windows\System32\olepro32.dll
15:58:40.0384 0x0ca8  C:\Windows\System32\olepro32.dll - ok
15:58:40.0384 0x0ca8  [ C9E5A3FF121596B51A9F72870CFB1D39, C8C91907A60E738115C7FF72335DBC74DD2D2B435C07C05C9F74AD1BAC46408A ] C:\Windows\System32\jsproxy.dll
15:58:40.0384 0x0ca8  C:\Windows\System32\jsproxy.dll - ok
15:58:40.0384 0x0ca8  [ D21AB32F16E8DE67D45E5A383B5E52BA, 29870BFD4337A80BE9C96897C59CBBF412971EE67CB65BA9C0622CAD90FA3CB5 ] C:\Program Files\Spybot - Search & Destroy 2\ssleay32.dll
15:58:40.0399 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\ssleay32.dll - ok
15:58:40.0399 0x0ca8  [ B009D6171147BE129636A49C4178E487, DBAA8C7FDD8F6A55AE10F9E1537CE71283A34920BFAD5CD386BA3EC05C1F4E76 ] C:\Program Files\Spybot - Search & Destroy 2\libeay32.dll
15:58:40.0399 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\libeay32.dll - ok
15:58:40.0399 0x0ca8  [ 3E57C403F0B8F3955D35D5250B241C84, FA4042E8E09F89721870FE96AAB28D7F249565F3CA599BEC00765A331B90D70F ] C:\Program Files\AVG\AVG2015\winspamcatcher.dll
15:58:40.0399 0x0ca8  C:\Program Files\AVG\AVG2015\winspamcatcher.dll - ok
15:58:40.0415 0x0ca8  [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
15:58:40.0415 0x0ca8  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
15:58:40.0415 0x0ca8  [ C0BAEBF68D73F7A46DDB28777049AEFF, B04E772957474FFCF44D439A0533B84FE2BA1022D819F087133535D7611A553A ] C:\Program Files\AVG\AVG2015\avgnsx.exe
15:58:40.0415 0x0ca8  C:\Program Files\AVG\AVG2015\avgnsx.exe - ok
15:58:40.0415 0x0ca8  [ 6C8C5216A981E6B45E88233186B03634, 1AE1C7E9146F0D2DAB961FF39535751546BF19B37B84003721AD64D802E6FBA5 ] C:\Program Files\AVG\AVG2015\avgxpl.dll
15:58:40.0415 0x0ca8  C:\Program Files\AVG\AVG2015\avgxpl.dll - ok
15:58:40.0431 0x0ca8  [ 1C2089573B379457DABA27F3A02DF131, 439CA5E7DBBFDE8519F98D6C5A5E27C14F4E61ADA2270761B05260CC4D534E72 ] C:\Program Files\AVG\AVG2015\avgemcx.exe
15:58:40.0431 0x0ca8  C:\Program Files\AVG\AVG2015\avgemcx.exe - ok
15:58:40.0431 0x0ca8  [ E30901CA72C3C93C07297297ED0879C1, 8969B9FEA85ABB7EDB8FF73BE795FA61A1419C306D716EC441B4AD69097B7230 ] C:\Program Files\Spybot - Search & Destroy 2\SDLists.dll
15:58:40.0431 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\SDLists.dll - ok
15:58:40.0446 0x0ca8  [ 04044BF8E6989BE45FA718C24407CA28, C88D19AA791793313551B26DF2A33A59BEBE366F2F2930ABDE0865AE932BFD7E ] C:\Windows\System32\networkexplorer.dll
15:58:40.0446 0x0ca8  C:\Windows\System32\networkexplorer.dll - ok
15:58:40.0446 0x0ca8  [ 24F90AEFEBE601D427CB4511E74CDCB6, 0FEBBE1F81E6A48DA0D8967E256259B6F92F6E79804DF9CAC9422FEC47CB9BF2 ] C:\Windows\System32\linkinfo.dll
15:58:40.0446 0x0ca8  C:\Windows\System32\linkinfo.dll - ok
15:58:40.0446 0x0ca8  [ 54E87125B616AFEFF59FE78866EAE0FB, B45D23175EA4F1888F44F69333AD05DDD78826AF25777D5DAC3612B3BE7A4B5B ] C:\Program Files\AVG\AVG2015\avgsched.dll
15:58:40.0446 0x0ca8  C:\Program Files\AVG\AVG2015\avgsched.dll - ok
15:58:40.0462 0x0ca8  [ DBB3F94627FE0ECAD60E825B2482124C, C2100ECC6138326027672F6A0A8F251E654ADDB2635DBC6EDC162601B5C3B014 ] C:\Program Files\AVG\AVG2015\avgopensslx.dll
15:58:40.0462 0x0ca8  C:\Program Files\AVG\AVG2015\avgopensslx.dll - ok
15:58:40.0462 0x0ca8  [ 2E0E621D5D525AEDB0DF8805E8D100BD, A0FCB5E0A641750EE6E1E225F40DC9653304DA8CEA5F69AE371C1527F0EFA01E ] C:\Program Files\Spybot - Search & Destroy 2\SDLicense.dll
15:58:40.0462 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\SDLicense.dll - ok
15:58:40.0462 0x0ca8  [ 5CAAE5333EF36DB4A8D294418AB37E80, 0FAC92CDED62CEFDD44B3DC714FC3A453FEAAF44653F3AB75FB5A093A1DA71E9 ] C:\Windows\System32\p2pcollab.dll
15:58:40.0462 0x0ca8  C:\Windows\System32\p2pcollab.dll - ok
15:58:40.0477 0x0ca8  [ 22DC784B32BEE306A99F50D6DC2460BC, 5144BDCEAFC593817545869E82A7D78104F310A8B0188E0EC49648F929F6E1C2 ] C:\Windows\System32\esent.dll
15:58:40.0477 0x0ca8  C:\Windows\System32\esent.dll - ok
15:58:40.0477 0x0ca8  [ D0331BB00B7129374A490890AD6C73F4, F0B6EDD2A3331BAFF1ABD6BB6BFA5317F4D2688C4BCC340EFB0AA692534C9A24 ] C:\Program Files\AVG\AVG2015\avglngx.dll
15:58:40.0477 0x0ca8  C:\Program Files\AVG\AVG2015\avglngx.dll - ok
15:58:40.0493 0x0ca8  [ 32B8D8E88379691236C00A752138809F, 9D8AFE711E53C8F22FA81A46052F4DC6DF854B212F1D2BF304DAF092D70C75DC ] C:\Windows\System32\ieframe.dll
15:58:40.0493 0x0ca8  C:\Windows\System32\ieframe.dll - ok
15:58:40.0493 0x0ca8  [ DE7F813217EC88C0A6D4D8F2F39D7949, F749DA3DC87DDA8579B02F27951CC3BBEADFC25362D892E9484146616A0ACF47 ] C:\Windows\System32\msiltcfg.dll
15:58:40.0493 0x0ca8  C:\Windows\System32\msiltcfg.dll - ok
15:58:40.0493 0x0ca8  [ 5016B8FC59AD616F03813FBE63295081, D5141F87D456CBF12E7C227A9C5D3918A675D20953E7705A49ED1BE5426C69EB ] C:\Windows\System32\thumbcache.dll
15:58:40.0493 0x0ca8  C:\Windows\System32\thumbcache.dll - ok
15:58:40.0509 0x0ca8  [ BADC359C9A0D9C217B7E8DA17BF3F5BB, F3DAD07D80FFF1631AE21C66362757263BD9D6D2D6DE692A618191F84EE46827 ] C:\Windows\System32\ntshrui.dll
15:58:40.0509 0x0ca8  C:\Windows\System32\ntshrui.dll - ok
15:58:40.0509 0x0ca8  [ D922592AB65C5D9B88B30B4510A3464E, E6226CFD77C6DDAE5737C4CC6F8B347DF474CF8DFD93E32ABE6AE63D9AB0A586 ] C:\Windows\System32\cscapi.dll
15:58:40.0509 0x0ca8  C:\Windows\System32\cscapi.dll - ok
15:58:40.0509 0x0ca8  [ 3E19F6B034A395566AD27ECEDF0447F5, 3E522ECE6EC49DE5223A72D018A999A5D9FCA5B979207BC6031016D64CBAB2D1 ] C:\Program Files\Acer GameZone\Mythic Mahjong\Launch.exe
15:58:40.0524 0x0ca8  C:\Program Files\Acer GameZone\Mythic Mahjong\Launch.exe - ok
15:58:40.0524 0x0ca8  [ CF28CEEEFA8253E4704ADD61573B792F, A73356BAB83345EE665F8B48FD586819B2A44B7DCB8B8D11C8F34B0B2F332DC3 ] C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
15:58:40.0524 0x0ca8  C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe - ok
15:58:40.0524 0x0ca8  [ 61216539E55DDF2F78E421E7EF140650, 0897EEA53F8924441FD2F61EB0FCE96142A6526EDB857B1638FEDD9304AD3561 ] C:\Windows\System32\ExplorerFrame.dll
15:58:40.0524 0x0ca8  C:\Windows\System32\ExplorerFrame.dll - ok
15:58:40.0540 0x0ca8  [ 5405413FFF79B8D9C747AA900F60F082, 3E5A28FFDE07AC661C26B6CCF94E64C1C90B1F25B3B24C90605AA922B87642EB ] C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
15:58:40.0540 0x0ca8  C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll - ok
15:58:40.0540 0x0ca8  [ 078D227633D995D9FC8851D1F722B9FA, AFE5C6CF54EA54358568C2DCAA910B724936651A76D844C1E08787AE3D54ADF8 ] C:\Program Files\Siemens\LOGOComfort_V7\LOGOComfort.exe
15:58:40.0540 0x0ca8  C:\Program Files\Siemens\LOGOComfort_V7\LOGOComfort.exe - ok
15:58:40.0540 0x0ca8  [ BBD1BA710A00842064BA038570C13CB2, 155FABD8323C95932C9F552E8827A87356E9FCED471B8F5E06466F920EEB56A4 ] C:\Program Files\Microsoft Security Client\msseces.exe
15:58:40.0540 0x0ca8  C:\Program Files\Microsoft Security Client\msseces.exe - ok
15:58:40.0555 0x0ca8  [ EDBD18F10D85381FF3F1C93A63459753, 225E80320479C900679A917E548D85B9BC2B96F87E31B42581F92C0EEB218778 ] C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll
15:58:40.0555 0x0ca8  C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll - ok
15:58:40.0555 0x0ca8  [ 21221CD7C7C844F6F0E0B7BC69CBA36B, E279C8FBC0233F74E76AFBF857D39176711A4738091D5F1C6BE33185B21DCFCB ] C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE
15:58:40.0555 0x0ca8  C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE - ok
15:58:40.0571 0x0ca8  [ 4209E07DCF7AB30B009B35645395192A, 55ECE93EB5FB8C4E7274BFF72817991FE1503BE1EAE7A829615C1028B3D4DDF6 ] C:\Program Files\Microsoft Works\MSWorks.exe
15:58:40.0571 0x0ca8  C:\Program Files\Microsoft Works\MSWorks.exe - ok
15:58:40.0571 0x0ca8  [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
15:58:40.0571 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe - ok
15:58:40.0571 0x0ca8  [ F64DF9FD69A02A57F5BFEC2CF10D6BD7, EC99D81B3389CB08686F4CAAEF2D6B33EFA25830B97334422E10C37390A0DE06 ] C:\Program Files\AVG\AVG2015\avgnetclix.dll
15:58:40.0571 0x0ca8  C:\Program Files\AVG\AVG2015\avgnetclix.dll - ok
15:58:40.0587 0x0ca8  [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105, 613F0D184E08CBE1FFEEB8F845ADCA79577FB3CF59EA1FEE6B2346D9930763AB ] C:\Windows\System32\sfc_os.dll
15:58:40.0587 0x0ca8  C:\Windows\System32\sfc_os.dll - ok
15:58:40.0587 0x0ca8  [ C37571F7C79C3972D641804F1DF7C0F5, 8F1A1E7654A6A68B21F856A46C9ED549CCA606B3FCA02289E4123DB18208F748 ] C:\Program Files\Microsoft Works\wksdb.exe
15:58:40.0587 0x0ca8  C:\Program Files\Microsoft Works\wksdb.exe - ok
15:58:40.0602 0x0ca8  [ 5C98AF9A183305DE16E928630F50F99B, 7A828FC09BBA2AFAC625B038D8E87A0EFE09FAD2BA282A0F362BB2CBFD9067A2 ] C:\Program Files\BillP Studios\WinPatrol\WinPatrolEx.exe
15:58:40.0602 0x0ca8  C:\Program Files\BillP Studios\WinPatrol\WinPatrolEx.exe - ok
15:58:40.0602 0x0ca8  [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehtray.exe
15:58:40.0602 0x0ca8  C:\Windows\ehome\ehtray.exe - ok
15:58:40.0602 0x0ca8  [ B5950DF243837D8217F4E597919B224A, 3E675AFDE75E4DB9C528343569F5A9DE495BBCCB699EBE3FE41A2B5199F25E97 ] C:\Windows\System32\stobject.dll
15:58:40.0602 0x0ca8  C:\Windows\System32\stobject.dll - ok
15:58:40.0618 0x0ca8  [ EC69B16644C613F41A57169F8D068F1D, 400CD49D44643CC72129A918B2E2B4FEDB5DD26A9709D7A686B01432F73F0474 ] C:\Windows\System32\batmeter.dll
15:58:40.0618 0x0ca8  C:\Windows\System32\batmeter.dll - ok
15:58:40.0618 0x0ca8  [ 027E5E14C9CFF810377701BDEAD8210F, 053BE912C3F536DFA8734603B9BDFB314B61934404C84B368ABC8CA8C68F2CE5 ] C:\Windows\System32\control.exe
15:58:40.0618 0x0ca8  C:\Windows\System32\control.exe - ok
15:58:40.0618 0x0ca8  [ 790222D6CCFC576F0D07D418E6115D85, F1B1B9CC64822CE16629B1569121FB782A1A5F4E49E97AB9238BCBCD81E58AF9 ] C:\Program Files\Windows Calendar\WinCal.exe
15:58:40.0618 0x0ca8  C:\Program Files\Windows Calendar\WinCal.exe - ok
15:58:40.0633 0x0ca8  [ 395335431AD55C167CFDBBAB8420DA73, F9945DA83998BA22F40D334C42D960B2E4A82DE98522637A0F7D14DC6B708CB5 ] C:\Program Files\Movie Maker\DVDMaker.exe
15:58:40.0633 0x0ca8  C:\Program Files\Movie Maker\DVDMaker.exe - ok
15:58:40.0633 0x0ca8  [ 353BA3B7F33272C800F15101DEE6D187, CE95D49E6D3ECD9EADBC2E1A109FF17CB8CC09144A5BD07502FDFA72D8A34F3A ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
15:58:40.0633 0x0ca8  C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
15:58:40.0649 0x0ca8  [ C6FD3425B1ADD739B95DC4D661FF4DD3, 310C99B78305F9A0E33C7108477734D81DD9F7AA3C6FB6B735FD19CE939EDB10 ] C:\Windows\System32\PresentationSettings.exe
15:58:40.0649 0x0ca8  C:\Windows\System32\PresentationSettings.exe - ok
15:58:40.0649 0x0ca8  [ 0F4195B9B348DE5CF9B822F81704B20E, D84AFEE1DBA144C4D7CBEE3F7F903F93EB4C2E16AB7AAF32D0192343C572E2B9 ] C:\Windows\ehome\ehmsas.exe
15:58:40.0649 0x0ca8  C:\Windows\ehome\ehmsas.exe - ok
15:58:40.0649 0x0ca8  [ B7ED332A57FC78CA29E40D3619550225, 6C04CFAE566E8979DBC495F1B9D4FAFCFDF1F061278B5D9794CD6E5FDC7406D7 ] C:\Windows\ehome\ehshell.exe
15:58:40.0649 0x0ca8  C:\Windows\ehome\ehshell.exe - ok
15:58:40.0665 0x0ca8  [ 5422CB64444C33F029483552A8FACE37, D7DE9BF855EA616F066C7FB681FF60C0784AF66C6F6A48706E1A6993B3F7F4BC ] C:\Program Files\Spybot - Search & Destroy 2\vclx150.bpl
15:58:40.0665 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\vclx150.bpl - ok
15:58:40.0665 0x0ca8  [ C4AB08459CD7B59B410ACFC04D90E87B, 503A3D8590246C9BE313AF0CA0A322509A27AFBAE33A1D0CE2173DBC48170154 ] C:\Program Files\Movie Maker\MOVIEMK.exe
15:58:40.0665 0x0ca8  C:\Program Files\Movie Maker\MOVIEMK.exe - ok
15:58:40.0680 0x0ca8  [ 30F02D9C55053367E26A11482F51E255, A1CE545DBB8983BD71C82FAC1C3F2633E571FAC7EFDDD8E99E73C7A308A31861 ] C:\Windows\System32\SndVolSSO.dll
15:58:40.0680 0x0ca8  C:\Windows\System32\SndVolSSO.dll - ok
15:58:40.0680 0x0ca8  [ 069385484EA57B663D688894C88975C5, 878148BBC052241F5CA78EA4CF708D21F0B31F9EA67EE2BCE07D2BDAD9F67241 ] C:\Windows\System32\wuapp.exe
15:58:40.0680 0x0ca8  C:\Windows\System32\wuapp.exe - ok
15:58:40.0680 0x0ca8  [ 313B30189557A2E2793F845DE0F0A4D5, AC3B725CF44C214FACB7F48784CE3CAB7CA2F94B6C3E7C2549AD0C94070DE849 ] C:\Windows\ehome\ehSSO.dll
15:58:40.0680 0x0ca8  C:\Windows\ehome\ehSSO.dll - ok
15:58:40.0680 0x0ca8  [ E98E402067978DB38282158F9E8609CA, 63AA9BA292F5A62C0B6C668BE27E4B0BF1761CD5D961D405CAEDE2DC7C54A2E2 ] C:\Windows\System32\netshell.dll
15:58:40.0680 0x0ca8  C:\Windows\System32\netshell.dll - ok
15:58:40.0696 0x0ca8  [ 4AA01BD5CC7DA9888AF33C5FAB5BF1DD, 84065A4C02345363874664D92BDE0F0A04DBD93A444D68929CB2624A659360EF ] C:\Program Files\Spybot - Search & Destroy 2\vclimg150.bpl
15:58:40.0696 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\vclimg150.bpl - ok
15:58:40.0696 0x0ca8  [ 75AD59B9B12EB194486BE8D97B062994, 603ECA45F49420EE4F8549FB11C6CB814990E0A562786E6DEB3AF434A1D42E39 ] C:\Windows\System32\pnidui.dll
15:58:40.0696 0x0ca8  C:\Windows\System32\pnidui.dll - ok
15:58:40.0711 0x0ca8  [ ABAEAEE763E287BDD39094C4165E1F3F, 7AEF1623E585A42620D423309BC48FE386B8ACC52315F03B946947B6E6F434B6 ] C:\Windows\System32\fdProxy.dll
15:58:40.0711 0x0ca8  C:\Windows\System32\fdProxy.dll - ok
15:58:40.0711 0x0ca8  [ C03AC1FBCD625F93D2C245D97E06F270, C8B29DA440C32B305FDC734DFA02DBB50B6FD47BC94582A8FAF86B4674534B35 ] C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe
15:58:40.0711 0x0ca8  C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe - ok
15:58:40.0711 0x0ca8  [ 3A72AB0BAF2DC1AE0BA6E1EE28FFCC0B, 18E49D5B2E0B055683FB63DD9A2CC1DECFA22C210C6C8F09C79D7E73C9B01451 ] C:\Windows\System32\msftedit.dll
15:58:40.0711 0x0ca8  C:\Windows\System32\msftedit.dll - ok
15:58:40.0727 0x0ca8  [ 06164026C38AA5366E4D127E2E36FDE8, 9E2D88DFF9906F929F0F4C343E818DE8FDF0B49DDFA8B0851CF3E1DB66462F2C ] C:\Program Files\Windows Mail\wab.exe
15:58:40.0727 0x0ca8  C:\Program Files\Windows Mail\wab.exe - ok
15:58:40.0727 0x0ca8  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
15:58:40.0727 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe - ok
15:58:40.0743 0x0ca8  [ 52BC119E49F88F2A5D1466230B1275C7, 948EC013DBD86AC61FA3C0CEE4778866161383EF25AD715BD6160B5697BDF5A8 ] C:\Program Files\Windows Collaboration\WinCollab.exe
15:58:40.0743 0x0ca8  C:\Program Files\Windows Collaboration\WinCollab.exe - ok
15:58:40.0743 0x0ca8  [ 4F7FD4993ADCEEE9123FBEDB07B84FF9, 3512C1E89F5818B713CEB014DA62728B5309F7122B036679A22868AED3173327 ] C:\Program Files\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll
15:58:40.0743 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll - ok
15:58:40.0743 0x0ca8  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] C:\Windows\System32\drivers\secdrv.sys
15:58:40.0743 0x0ca8  C:\Windows\System32\drivers\secdrv.sys - ok
15:58:40.0758 0x0ca8  [ 612C9C28A2B577D8AAC916E73E1F68EC, B6CC3345738706BC9390237944629223087E67D1E33D52ED43AB5B6942CD5EE7 ] C:\Program Files\Spybot - Search & Destroy 2\SDAV.dll
15:58:40.0758 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\SDAV.dll - ok
15:58:40.0758 0x0ca8  [ 95389980F70FC4990A4395A0B8BBE1D6, FB5CBC85733A4EC4FB9F210A5D4E5989F6A3F2995D895F5B41163CDFC04DB82C ] C:\Windows\System32\drivers\tcpipreg.sys
15:58:40.0758 0x0ca8  C:\Windows\System32\drivers\tcpipreg.sys - ok
15:58:40.0774 0x0ca8  [ 25D23E5A5A627CC718E478B66AD8AFF7, EFEE79C9ABC23CE3745928247BE63A3DCE74B39C47F2AF0C62C8380E7EDCBFB7 ] C:\Program Files\Spybot - Search & Destroy 2\av\bdquar.dll
15:58:40.0774 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\av\bdquar.dll - ok
15:58:40.0774 0x0ca8  [ 351FA1DF82CFFDEDA801604246E63E95, AD030032C0C4C0E2A8EEDA3E45338BE7DFD75AED330EBC266183C49687E7A3D0 ] C:\Windows\System32\icaapi.dll
15:58:40.0774 0x0ca8  C:\Windows\System32\icaapi.dll - ok
15:58:40.0774 0x0ca8  [ 428FF21418ADCD6FAD6189CD9520A67B, E9021A9B74AC6C4F7317704DF6A66B1A5C3D05DD2535989942005D638340010D ] C:\Windows\System32\wiatrace.dll
15:58:40.0774 0x0ca8  C:\Windows\System32\wiatrace.dll - ok
15:58:40.0789 0x0ca8  [ B608BA52FA1FD29BF81B718818246B4D, F1167F0F02D860BE15920760AC09532D844913C0787947E3E5739FD3F9D1AADC ] C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
15:58:40.0789 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll - ok
15:58:40.0789 0x0ca8  [ 4DBA143F06BAD1DF935CB9603140CF2A, DE2D3A13993046CCC7691C9614702DCBC43C788282A2B722A8F3F4829281BC1A ] C:\Windows\System32\wsdchngr.dll
15:58:40.0789 0x0ca8  C:\Windows\System32\wsdchngr.dll - ok
15:58:40.0805 0x0ca8  [ 4CEB44AE133F1628917E3385905B88D7, 5900C7EB5B360FF5469AA24E41F3D91C102E6E262937CA9CA40532BE8BE30D55 ] C:\Program Files\Spybot - Search & Destroy 2\av\bdcore.dll
15:58:40.0805 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\av\bdcore.dll - ok
15:58:40.0805 0x0ca8  [ ADF9F919E10832746ED516230420F749, 52CB002E48F4AD07B4082DE82D965463454BA9A21772CCC689AAFD6304DCAE22 ] C:\Program Files\Spybot - Search & Destroy 2\av\avxdisk.dll
15:58:40.0805 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\av\avxdisk.dll - ok
15:58:40.0805 0x0ca8  [ DFE6CCE27C5CCC3C00D660226050E76D, BA2679363D00F7FCCB6AB751BC79298187BD4FA03D697E313DAF088CE06FF5B3 ] C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
15:58:40.0805 0x0ca8  C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe - ok
15:58:40.0821 0x0ca8  [ 5B21C0B872C0EC9C4D3D9DD93978FF54, FFABB781F0BCD0CAAAFA87067F6AF6A4A70468FEE9641D66E9CE9F0BAF7EBD98 ] C:\Program Files\AVG\AVG PC TuneUp\avglogx.dll
15:58:40.0821 0x0ca8  C:\Program Files\AVG\AVG PC TuneUp\avglogx.dll - ok
15:58:40.0821 0x0ca8  [ 88AF537264F2B818DA15479CEEAF5D7C, E0F95D6448FFB77351BB63ED444238F891B16748FD09F8BCCA23BEC4E341A96B ] C:\Windows\System32\drivers\XAudio.sys
15:58:40.0821 0x0ca8  C:\Windows\System32\drivers\XAudio.sys - ok
15:58:40.0836 0x0ca8  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] C:\Windows\System32\netprofm.dll
15:58:40.0836 0x0ca8  C:\Windows\System32\netprofm.dll - ok
15:58:40.0836 0x0ca8  [ 2205A220A264E8C8B86492BF3D112907, F3B702AE3242B8910260F2649D8B387B07AF8830FF5F495B6F713FCABD26A4E9 ] C:\Windows\System32\PortableDeviceApi.dll
15:58:40.0836 0x0ca8  C:\Windows\System32\PortableDeviceApi.dll - ok
15:58:40.0836 0x0ca8  [ DFCAB29E8FD38F95650CC1E203E8D318, 96B444CF2FA218447A29BC5BF4308E3A5A47203555A460E79056EE6AC4875F9A ] C:\Windows\System32\npmproxy.dll
15:58:40.0836 0x0ca8  C:\Windows\System32\npmproxy.dll - ok
15:58:40.0852 0x0ca8  [ BF7E4D6F60A6D9E866432855C6F8C262, 6E99AA4BD3867867C6DE1B37F0EA8A1332190D23CD72752889B7A5C90DDC610F ] C:\Windows\System32\sqmapi.dll
15:58:40.0852 0x0ca8  C:\Windows\System32\sqmapi.dll - ok
15:58:40.0852 0x0ca8  [ B53BD9E63867CD9FD853F666CA172713, 08951AC63A257696F5F1FC79137C3FFBF0972B9AE43BD4BE02C2CACB9176C3DA ] C:\Windows\System32\PortableDeviceConnectApi.dll
15:58:40.0852 0x0ca8  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
15:58:40.0852 0x0ca8  [ 1F18B9EA1BBFF033413414C3BEA13AD6, EC549203DD16A70F3275500CF1754198FDD4F619A0EC973FF8D4A9934DAACE6B ] C:\Windows\System32\wbem\WinMgmtR.dll
15:58:40.0852 0x0ca8  C:\Windows\System32\wbem\WinMgmtR.dll - ok
15:58:40.0867 0x0ca8  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
15:58:40.0867 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe - ok
15:58:40.0867 0x0ca8  [ 0E314BFB938B9C370B898C1C71297570, 5F579E7FC392607E350246917CCB16BD10754916AF82A0A9F62799C849F8F939 ] C:\Program Files\AVG\AVG PC TuneUp\avgreplibx.dll
15:58:40.0867 0x0ca8  C:\Program Files\AVG\AVG PC TuneUp\avgreplibx.dll - ok
15:58:40.0883 0x0ca8  [ A952D0DED445F26AEFCF593A935AB300, 3A5D7D33D6445B146C9F1ABAE7A705EB53E5C4800CE3F04A9392C42E0D9ECBBD ] C:\Windows\System32\hnetcfg.dll
15:58:40.0883 0x0ca8  C:\Windows\System32\hnetcfg.dll - ok
15:58:40.0883 0x0ca8  [ FC1EEE57EB9CD57279D70BA2A9131C38, 3154EF4F545CE40C7C67B8D5A4DF23D37B2A6F0CA8C5EC656CF81D96A7BE3CE9 ] C:\Windows\System32\wbem\wbemcore.dll
15:58:40.0883 0x0ca8  C:\Windows\System32\wbem\wbemcore.dll - ok
15:58:40.0883 0x0ca8  [ C10E13721B0AAEBEB5EBA914F1D18181, D30BA6FF257A840D67BFA6AF332ADBDC0E79C70EDCEFB10FAACD7071FB431458 ] C:\Windows\System32\wbem\esscli.dll
15:58:40.0883 0x0ca8  C:\Windows\System32\wbem\esscli.dll - ok
15:58:40.0899 0x0ca8  [ BC5A34B6A14C93BF04E3F4E8EA57090A, 55F71740FBA3A079B81A045C81088C39176D44358ED28F568C198F338400E017 ] C:\Windows\System32\wbem\fastprox.dll
15:58:40.0899 0x0ca8  C:\Windows\System32\wbem\fastprox.dll - ok
15:58:40.0899 0x0ca8  [ DB0F37DBA4C245C61E5936DDBDE62438, 2DB2979BAF792DA74584E380055F233B9CEF51BCBF992CA84A79AD81A23C1663 ] C:\Windows\System32\wbem\wbemsvc.dll
15:58:40.0899 0x0ca8  C:\Windows\System32\wbem\wbemsvc.dll - ok
15:58:40.0914 0x0ca8  [ 2C3B09E586BDA2CC49A292BE7BADC589, E8AA356380E11A75DA0B51DA9C8BD9D3EA05885206AB9D4D1A69A96D8E9777AE ] C:\Windows\System32\wbem\wmiutils.dll
15:58:40.0914 0x0ca8  C:\Windows\System32\wbem\wmiutils.dll - ok
15:58:40.0914 0x0ca8  [ 834933F16EA839AC5AC7CBF88638DF27, 5A91A23ACD760F81E4DF7976DE1FA27E80EF8D35B680EEC859E08AF9588ACBE4 ] C:\Windows\System32\wbem\repdrvfs.dll
15:58:40.0914 0x0ca8  C:\Windows\System32\wbem\repdrvfs.dll - ok
15:58:40.0914 0x0ca8  [ C2C6C014B96581EC8BF0C8604DE1743E, 5641A4B4EEB85C247A6C5718D3DDBAC9BD8C00E1D474721E8F27CFC7E7C25FBC ] C:\Windows\System32\wbem\WmiPrvSD.dll
15:58:40.0914 0x0ca8  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
15:58:40.0930 0x0ca8  [ 00EAF5D547E4B39FC85CA36D2DF1A406, 49B102ED12803FB070C70D2EEA721CBC87FE8CC5DCDB592870BC02271633CAA9 ] C:\Program Files\AVG\AVG PC TuneUp\tulic.dll
15:58:40.0930 0x0ca8  C:\Program Files\AVG\AVG PC TuneUp\tulic.dll - ok
15:58:40.0930 0x0ca8  [ A609A192E98934A8D352704C99AB8577, E4E4B8FEDBDFAC148E416190C7E88F8634269FFB2395E197D92BCB3CD7CDF662 ] C:\Windows\System32\wbem\wbemess.dll
15:58:40.0930 0x0ca8  C:\Windows\System32\wbem\wbemess.dll - ok
15:58:40.0945 0x0ca8  [ 1452F52471F2DC1515DD6C35B42FF06E, 57A2858B24D0C9C229A4C76F85DB453E867921C2B4E41835211C4EB5EBE99DE8 ] C:\Program Files\Microsoft Security Client\NisSrv.exe
15:58:40.0945 0x0ca8  C:\Program Files\Microsoft Security Client\NisSrv.exe - ok
15:58:40.0945 0x0ca8  [ C63264637FE7EE43ABD60073E706EA38, 4DC2A0B0D69E77E5D1A5A55D1FDEE5585F0D237DC689CF360B292D8F54A8A80C ] C:\Program Files\AVG\AVG PC TuneUp\tuavgx.dll
15:58:40.0945 0x0ca8  C:\Program Files\AVG\AVG PC TuneUp\tuavgx.dll - ok
15:58:40.0945 0x0ca8  [ AC86E42A96EBB3CBEDA632D8DE4DD603, 37BF01B7E15D13026AE7F5960A81DA6A4369F2ACB96773F36A50B07CCA52BD70 ] C:\Program Files\Microsoft Security Client\NisLog.dll
15:58:40.0945 0x0ca8  C:\Program Files\Microsoft Security Client\NisLog.dll - ok
15:58:40.0961 0x0ca8  [ D0A95E567224B4C347CBDD6541E5D928, 6CF5AA0B5C48B783A8C300B95E8C75366BC0859B434ACBE5D334AC987462886E ] C:\Windows\System32\wscisvif.dll
15:58:40.0961 0x0ca8  C:\Windows\System32\wscisvif.dll - ok
15:58:40.0961 0x0ca8  [ 1DFC366D2154EF2B381A7F2CB165C7F4, BE21632FD644AEFD6B608E7098F73705F82B65CBFD0FCE93C0AF2BF9DE02E063 ] C:\Windows\System32\diagperf.dll
15:58:40.0961 0x0ca8  C:\Windows\System32\diagperf.dll - ok
15:58:40.0961 0x0ca8  [ 1D6B95871DC006190964B04E5657E35F, 813F546ECB052166851B3E402DA13BF82CC83D36DA02AF3DED3780FEFFBA3277 ] C:\Windows\System32\rastapi.dll
15:58:40.0961 0x0ca8  C:\Windows\System32\rastapi.dll - ok
15:58:40.0977 0x0ca8  [ B973F607B449F26B52181E68965EFE8B, E3CF55EBB084AD8BE657A327970D801F7AA1A1972EFC307D47D8AD139AEBBD25 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{615E15F7-BDF2-41C6-B16A-0DCEF3EAF8DD}\gapaengine.dll
15:58:40.0977 0x0ca8  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{615E15F7-BDF2-41C6-B16A-0DCEF3EAF8DD}\gapaengine.dll - ok
15:58:40.0977 0x0ca8  [ E3D425180A0CC19CD7F46FE626B17427, CF713B5439B408057E546041FBD71FE12708AE1139091F431DAFA123CF26E29D ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{615E15F7-BDF2-41C6-B16A-0DCEF3EAF8DD}\nisfull.vdm
15:58:40.0977 0x0ca8  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{615E15F7-BDF2-41C6-B16A-0DCEF3EAF8DD}\nisfull.vdm - ok
15:58:40.0992 0x0ca8  [ 1A617835452EEE5060976C9B9F5FE635, DCCAAB049681BE876B73F0880EA32196CDA7EC954D452768A48D366096C5BD53 ] C:\Windows\System32\wuapi.dll
15:58:40.0992 0x0ca8  C:\Windows\System32\wuapi.dll - ok
15:58:40.0992 0x0ca8  [ C8AE490A93C3CC2E537B6E06247785A1, AE4978ADCBBE8047B3409969752230DC1A2C10B7ADC876859A3965196B7F6203 ] C:\Windows\System32\wbem\NCProv.dll
15:58:40.0992 0x0ca8  C:\Windows\System32\wbem\NCProv.dll - ok
15:58:40.0992 0x0ca8  [ 3458EDA96E30FBD0477A2800D3FB1909, BDF84362E4D8A102E7FB5F352D950B84D1A8E1E7928521B68E7671D4176803C5 ] C:\Windows\System32\wups.dll
15:58:40.0992 0x0ca8  C:\Windows\System32\wups.dll - ok
15:58:41.0008 0x0ca8  [ B96B60EC821F86D445C9739A0F3DED59, 5BBB1C4AE7EB45403435D875598A8CC576698FD081977F5D51D438BA43140588 ] C:\Windows\System32\unimdm.tsp
15:58:41.0008 0x0ca8  C:\Windows\System32\unimdm.tsp - ok
15:58:41.0008 0x0ca8  [ 4BAEC13BCAA595639EBB5185278DEFEA, 9326D08AE3D0547A319777BBEEBAB17B75452F70B3CC40049ABDCA634E366658 ] C:\Windows\System32\fdWSD.dll
15:58:41.0008 0x0ca8  C:\Windows\System32\fdWSD.dll - ok
15:58:41.0008 0x0ca8  [ 3EB6D30D82F0E300FCFBAD0498F654FD, 12A9CA74619AE147FC097A8A2142B6DF9318AE8ED0ADAF04A783BC0995039071 ] C:\Windows\System32\mlang.dll
15:58:41.0008 0x0ca8  C:\Windows\System32\mlang.dll - ok
15:58:41.0023 0x0ca8  [ DFBAADF1B624DC71E88D34D86B3595BE, AFEEA1CF788DC67833C4FA14CCE681B5E30F480A8D9059B9192D636359F8D8DD ] C:\Windows\System32\uniplat.dll
15:58:41.0023 0x0ca8  C:\Windows\System32\uniplat.dll - ok
15:58:41.0023 0x0ca8  [ 443C5961CACD4ABC16648874AF06E4A0, 89AB98F2503CD4A36A9FAE668B62431EC219FF5E8428EC7786F6CC4F26BB0A28 ] C:\Windows\System32\fdSSDP.dll
15:58:41.0023 0x0ca8  C:\Windows\System32\fdSSDP.dll - ok
15:58:41.0039 0x0ca8  [ E3F535656B5ABF249702EB64F3CF9AF0, 8669E7586FC1020E2C382997CF5A3B55BBF4A0135554921F1BC00CF9400FBC75 ] C:\Windows\System32\wbem\wbemcons.dll
15:58:41.0039 0x0ca8  C:\Windows\System32\wbem\wbemcons.dll - ok
15:58:41.0039 0x0ca8  [ F0062778F50838145AC46B384FFB4FA3, 7EC4509AB87062D2BA00E3B7AD59F3D6D2F01AF66E4AEFB70BFAFD1B89E7BFEF ] C:\Windows\System32\pcadm.dll
15:58:41.0039 0x0ca8  C:\Windows\System32\pcadm.dll - ok
15:58:41.0039 0x0ca8  [ 21322832C99E8DE85BD047689A2A69DB, EDEA0659E65AD8C081BDF82A8AFF0999E7DD3B31F2AB0FBCEDDAEE893E90B9EB ] C:\Windows\System32\pnpts.dll
15:58:41.0039 0x0ca8  C:\Windows\System32\pnpts.dll - ok
15:58:41.0055 0x0ca8  [ 0B71899E60D1265229BF3D080EAB573D, 84CF5A6316DDCF5811CB8CE4C6EC647E2FB2286C852B0D2970DBF17C9CAC3F06 ] C:\Windows\System32\unimdmat.dll
15:58:41.0055 0x0ca8  C:\Windows\System32\unimdmat.dll - ok
15:58:41.0055 0x0ca8  [ 2E837F3D406224DF131C34BC8F71621E, 1878268AC27FEEFC58F813E84FDFBCC2B1B93412D7F2282E439BC5CAEE99E587 ] C:\Windows\System32\modemui.dll
15:58:41.0055 0x0ca8  C:\Windows\System32\modemui.dll - ok
15:58:41.0055 0x0ca8  [ 17C0E094BEE5BC03CF491972F71AA6EF, 801E500A8B3C6DC7881E1C26AD3AFF4D105D5F2C8F58AFED84EF1A101F3AC10A ] C:\Windows\System32\wlanapi.dll
15:58:41.0055 0x0ca8  C:\Windows\System32\wlanapi.dll - ok
15:58:41.0070 0x0ca8  [ 953193A9DEA40348C1086D171F6440AE, D09D2A3238A56C823010F7AB5A92C88D315F7A01093C3EB0CF70C0F058055C93 ] C:\Windows\System32\kmddsp.tsp
15:58:41.0070 0x0ca8  C:\Windows\System32\kmddsp.tsp - ok
15:58:41.0070 0x0ca8  [ 2F6776ACEFE41EE889C464EA407918F2, 67401F5B8B6DBA6E7478D1D05D1ED91680C8623E66CA66AFB44377D63DD5F13C ] C:\Windows\System32\ndptsp.tsp
15:58:41.0070 0x0ca8  C:\Windows\System32\ndptsp.tsp - ok
15:58:41.0086 0x0ca8  [ B4B59AC042EE3733A862F26CBC0B17FC, 4EB571061FF1C0CEF66C450FBB266D81A583B7EA2AFD4A32F3ED7079969D7949 ] C:\Windows\System32\hidphone.tsp
15:58:41.0086 0x0ca8  C:\Windows\System32\hidphone.tsp - ok
15:58:41.0086 0x0ca8  [ 8B645890A93F1FBBC7DA3E07CC72D762, 9D7054729CC860F2311060C236F7123567CBB2780966A72B6ADEB96185CB5D7B ] C:\Windows\System32\rasppp.dll
15:58:41.0086 0x0ca8  C:\Windows\System32\rasppp.dll - ok
15:58:41.0101 0x0ca8  [ 56E315ACFB08A177B4D01E42B9044DB5, 230B5AC4EB6654C854046CD210A80929345AA5D049EFA7C329048723A3A32345 ] C:\Windows\System32\mprapi.dll
15:58:41.0101 0x0ca8  C:\Windows\System32\mprapi.dll - ok
15:58:41.0101 0x0ca8  [ 88225070DD2F7B0B2ED51E7935078641, 9DC31DE93783EBC7285B8CBEA50E73976AA221B9701C3AE6CED56960F19AB298 ] C:\Windows\System32\rasqec.dll
15:58:41.0101 0x0ca8  C:\Windows\System32\rasqec.dll - ok
15:58:41.0101 0x0ca8  [ 064E24C715648566C77A9716F736CBE6, 201492A506A116EFADFFC72E60C960010AC978237AD2A98BB203989F89ACEA89 ] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
15:58:41.0101 0x0ca8  C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE - ok
15:58:41.0117 0x0ca8  [ 248A1F31ABB58DDDDC01490EF0BDC777, 5E5CF3FEAB07628BB1EAE37BED9207E231AB3AEE38907C58D909B1BA391D18A8 ] C:\Windows\System32\cryptui.dll
15:58:41.0117 0x0ca8  C:\Windows\System32\cryptui.dll - ok
15:58:41.0117 0x0ca8  [ 2DD6AF8E97F59C9D39329BBC2A81F13F, 53D9DD827F010DFC555C330296B552276E2F0DB2ECFFB9578FA92F4D4DD77945 ] C:\Windows\System32\rasdlg.dll
15:58:41.0117 0x0ca8  C:\Windows\System32\rasdlg.dll - ok
15:58:41.0133 0x0ca8  [ 1BD363738B672A394EBE3B8A78EAB9D3, 68D405EE3AE5A013E631892D6F4AAA8C654C2BCE30D749E9DAA3C49823006BA9 ] C:\Program Files\Windows Defender\MpClient.dll
15:58:41.0133 0x0ca8  C:\Program Files\Windows Defender\MpClient.dll - ok
15:58:41.0133 0x0ca8  [ 3192ED5E2FFDF5B630541B9643AE1AA3, 5F2A25A3B49E312D39CFD5C3D9E058AC3807016A09458F991894FABEFE029A56 ] C:\Windows\System32\upnp.dll
15:58:41.0133 0x0ca8  C:\Windows\System32\upnp.dll - ok
15:58:41.0133 0x0ca8  [ 29516BECB93B025C9E7B32EC6338AA9A, EBD1F2FE0B96190E7EBE7E7F44B2396D5B715AA3CE5A5758C1D969681BE67F37 ] C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
15:58:41.0133 0x0ca8  C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe - ok
15:58:41.0148 0x0ca8  [ E5049C43601473B5A909058596111229, 96CFE481F767C66FA2877594384086C1BE8B2BADBF12DBF4CB72CF73898D0876 ] C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys
15:58:41.0148 0x0ca8  C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys - ok
15:58:41.0148 0x0ca8  [ FE3702015BE4D214808A2FBC07B8E5FF, D1C9254994D5266F54349A62B5DEB2C989ADFF65ED460D8B65C20F4063CFACD1 ] C:\Windows\System32\wscproxystub.dll
15:58:41.0148 0x0ca8  C:\Windows\System32\wscproxystub.dll - ok
15:58:41.0164 0x0ca8  [ 8BBF8A03F32FA4E5484B10DED436C1D0, AAA6CA32CD2E1F724179BFCB3941C8F948B43E8527364B1F7B257E4730C438BB ] C:\Program Files\AVG\AVG PC TuneUp\tulngx.dll
15:58:41.0164 0x0ca8  C:\Program Files\AVG\AVG PC TuneUp\tulngx.dll - ok
15:58:41.0164 0x0ca8  [ BC8E5F6AAF447364A6F6A00D3F8FAF29, 72BE1F1F7B6D31F3E98324BBABB49FAC21689A86DC90DB41706000ED56D81C05 ] C:\Windows\System32\srclient.dll
15:58:41.0164 0x0ca8  C:\Windows\System32\srclient.dll - ok
15:58:41.0164 0x0ca8  [ 4A839160ED1963F9A1526DDA2D1233B2, 1586B0D89994C37DF8DC045AEA91BA6A26B59DBDF9FB57C4BB7482922CC5B0F2 ] C:\Windows\System32\AltTab.dll
15:58:41.0164 0x0ca8  C:\Windows\System32\AltTab.dll - ok
15:58:41.0179 0x0ca8  [ 6B5C53E0932C510606D700B7A896EF73, 760ECED5F0CA82EBA3B346FEAF7C46543C5CF89A7B624E8AFD5B4A00D3D4EDE9 ] C:\Windows\System32\WPDShServiceObj.dll
15:58:41.0179 0x0ca8  C:\Windows\System32\WPDShServiceObj.dll - ok
15:58:41.0179 0x0ca8  [ 898ABECCD5F0B9A8E8F1318DDB234685, CD9B0AE2FDF22B694FD2E3FD92C751AAECDDD85779D6F8CCD7EFCD3CC8C1161B ] C:\Windows\System32\dot3api.dll
15:58:41.0179 0x0ca8  C:\Windows\System32\dot3api.dll - ok
15:58:41.0195 0x0ca8  [ 883D02AB5D350BC45E0F60E8CFA97FDC, 3F955D79F65DAE098B1F6AFC0475041C0C1A012195160E59C2D8C08287CE1D05 ] C:\Windows\System32\PortableDeviceTypes.dll
15:58:41.0195 0x0ca8  C:\Windows\System32\PortableDeviceTypes.dll - ok
15:58:41.0195 0x0ca8  [ 8D544AC1B7AA7FB9DFF0C3E7DA6AD295, 745FA882709CCD6CEBD9881A001B9F26D9F09BE5D64582D61A6557E1C8E6C58F ] C:\Windows\System32\wlanhlp.dll
15:58:41.0195 0x0ca8  C:\Windows\System32\wlanhlp.dll - ok
15:58:41.0195 0x0ca8  [ 744F08CF9ACFFB1C715191D04DEEE907, 22FD4A3BA5F6424EEC0310AF9D0184599F1F820201CF643311FB6527A0BC2016 ] C:\Windows\System32\srchadmin.dll
15:58:41.0195 0x0ca8  C:\Windows\System32\srchadmin.dll - ok
15:58:41.0211 0x0ca8  [ 5193DE33F3284C447E0D31DAFBF92570, EA0F12B0C2F9DD4EA651BD96FC88AE5584364F2C0D4138E8E3D4F18F226717FE ] C:\Windows\System32\webcheck.dll
15:58:41.0211 0x0ca8  C:\Windows\System32\webcheck.dll - ok
15:58:41.0211 0x0ca8  [ 4ACEA0C4BB15ACE55E3AE5EC4E88DD55, 3014464C3A1E4D653A378CE6DFB22911B1B0F98EA8D3F6AD9AAD7399E319795C ] C:\Windows\System32\SyncCenter.dll
15:58:41.0211 0x0ca8  C:\Windows\System32\SyncCenter.dll - ok
15:58:41.0211 0x0ca8  [ 2C176EDDFBCF7D2226EA23D1D425C756, 84C980D8D5E55B870772E7BC29EA31D4AD2CBC6E3C077DF77F5DE704D1454D27 ] C:\Program Files\AVG\AVG2015\avgcslx.dll
15:58:41.0211 0x0ca8  C:\Program Files\AVG\AVG2015\avgcslx.dll - ok
15:58:41.0226 0x0ca8  [ 0B5AC46982E77CAF3EC1D55C9AC6AB56, D13A98929C5A4F0BBC24F2C5DEC13D850563E6745EACA0196179D7DCBA0DE8DC ] C:\Windows\System32\wscntfy.dll
15:58:41.0226 0x0ca8  C:\Windows\System32\wscntfy.dll - ok
15:58:41.0226 0x0ca8  [ 9B0726A03B790E5B82BED44D24009BEF, F82F3379C2D399B64BE4A9B10B85B4CE8D3C75F7BAA5BF3938A6E5DFC2826F13 ] C:\Windows\System32\imapi2.dll
15:58:41.0226 0x0ca8  C:\Windows\System32\imapi2.dll - ok
15:58:41.0226 0x0ca8  [ C0ABD66F31C0B84CD944802E6D3D02C2, FCB7316FBA1F37EAA0036CE6A075C55FBBCB58C4444B053963E540517E95D636 ] C:\Windows\System32\bthprops.cpl
15:58:41.0226 0x0ca8  C:\Windows\System32\bthprops.cpl - ok
15:58:41.0242 0x0ca8  [ 43AEF7355D24090CA7C24C83846BD981, 9F7B568C5B1478168B6E3D566B47CD96349575BF9DD854294B3F7E3C40FE0146 ] C:\Windows\System32\spp.dll
15:58:41.0242 0x0ca8  C:\Windows\System32\spp.dll - ok
15:58:41.0242 0x0ca8  [ 8274C87726D4561EE8750D883764ACC1, 78F96E2D1AB6731EA64AEDFBE365AA574DE0280FF97D86DD0C89AD94ACC30E1A ] C:\Windows\System32\wbem\unsecapp.exe
15:58:41.0242 0x0ca8  C:\Windows\System32\wbem\unsecapp.exe - ok
15:58:41.0242 0x0ca8  [ 9495FCC01D7AB7B60E5B8BA7AEFE9E3D, 93F3EA0BAAD54B7ABF6558B15818BFD239BBFDA395BC909BF9D987C72BC1D1FB ] C:\Windows\System32\wbem\WmiPrvSE.exe
15:58:41.0242 0x0ca8  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
15:58:41.0257 0x0ca8  [ 10DE220BDFE330073762F89974DB8403, DCE5F953C42B28552CD4FEF770CB87008F2A99AE11C9486EFA3C8F4F76E153D1 ] C:\Windows\System32\wbem\wmiprov.dll
15:58:41.0257 0x0ca8  C:\Windows\System32\wbem\wmiprov.dll - ok
15:58:41.0257 0x0ca8  [ 87CDFFCBD09C1CA03A068343D5D93250, 6689791268ACB44D02BBF0616E448CE20CF414E3A20E189441D0ED26F036394B ] C:\Windows\System32\wmi.dll
15:58:41.0257 0x0ca8  C:\Windows\System32\wmi.dll - ok
15:58:41.0273 0x0ca8  [ 02A2C2E9448A88D1002448753E01C594, 74C3D4EDB7E45E1C706A7715C6683500A3BC1C42EB5DE1F56409D302ECD424DA ] C:\Program Files\AVG\AVG PC TuneUp\TUiOSCleanerx.dll
15:58:41.0273 0x0ca8  C:\Program Files\AVG\AVG PC TuneUp\TUiOSCleanerx.dll - ok
15:58:41.0273 0x0ca8  [ 743F7330CDB00E424B43EE23226D8BAC, 4A1A715E2FD32335825DBFB9F45DF04ECC2A0214E8295376EC2476D47D6A4BD4 ] C:\Program Files\Spybot - Search & Destroy 2\SDResources.dll
15:58:41.0273 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\SDResources.dll - ok
15:58:41.0273 0x0ca8  [ 89E6462A142CE341B0A25777CFB00ECC, 99B4346EE450EA65A9589DA070706C517D699E9A3894C937F0F9F595C21EA8F4 ] C:\Program Files\Spybot - Search & Destroy 2\SDScanLibrary.dll
15:58:41.0273 0x0ca8  C:\Program Files\Spybot - Search & Destroy 2\SDScanLibrary.dll - ok
15:58:41.0289 0x0ca8  [ 3A2EEE8444A8E5C1A454C57B2198F5FC, 6B21A65BBCF9E86193BD8ABC3FAE897B4EB55758E52BE4B9F24BE1C98C73A333 ] C:\Windows\System32\ntlanman.dll
15:58:41.0289 0x0ca8  C:\Windows\System32\ntlanman.dll - ok
15:58:41.0289 0x0ca8  [ 582EFE56FC0858E58A6CEBA2A64B02C7, 569F05DC50651165FD734C19767C10E7C9DFF03157B8222C59544A35A38E1C75 ] C:\Windows\System32\drprov.dll
15:58:41.0289 0x0ca8  C:\Windows\System32\drprov.dll - ok
15:58:41.0304 0x0ca8  [ CFBD2E1FE18B50748A76703A2DC6D4E3, 5D553B3CBCC404555DEE7F58102B62A02A968EEDB99E1029624327F0A914D08E ] C:\Windows\System32\davclnt.dll
15:58:41.0304 0x0ca8  C:\Windows\System32\davclnt.dll - ok
15:58:41.0304 0x0ca8  [ 73FD66B14D3C4252F7A524B8836A4359, 04656A6290E9DFE79FCCD427FC4BBCF65E5C6B9525953D780FF42966C93468CF ] C:\Windows\System32\mstask.dll
15:58:41.0304 0x0ca8  C:\Windows\System32\mstask.dll - ok
15:58:41.0304 0x0ca8  [ 05B6A5CE1C7767C32DF35966107CB1EC, DECC08418A2F6B887268B6C35B11F5C00523D291AD8C6F792CD6DF801FCACBFD ] C:\Windows\System32\hhctrl.ocx
15:58:41.0304 0x0ca8  C:\Windows\System32\hhctrl.ocx - ok
15:58:41.0320 0x0ca8  [ C98F35D0589DE4B56CCE5F25F957F38B, F19D8EEB59BCE2ED9152FFCA11B83E9B248EFDBB211E2D36EAE8A6BD6A63241A ] C:\Program Files\SUPERAntiSpyware\SSUpdate.exe
15:58:41.0320 0x0ca8  C:\Program Files\SUPERAntiSpyware\SSUpdate.exe - ok
15:58:41.0320 0x0ca8  [ DF1F51D2938A403BFE671B13A12FA434, A286E955C4AC7EF755AF82B2F08994D77C50F8F8EA687BD9385C6D278487E58E ] C:\Windows\System32\vdmdbg.dll
15:58:41.0320 0x0ca8  C:\Windows\System32\vdmdbg.dll - ok
15:58:41.0320 0x0ca8  [ 9C5DAAED3B3C06DBC95228CC407B8B70, E306E5C4A1C0D4B63840E38098B9FF2F4267FA4F519C7841E5A0C25A8DFF96D8 ] C:\Users\Standartkonto\Desktop\tdsskiller.exe
15:58:41.0320 0x0ca8  C:\Users\Standartkonto\Desktop\tdsskiller.exe - ok
15:58:41.0335 0x0ca8  [ 5E50B8E904FCB8DFC7C29BD3FEB7A593, 56A674DF596B82996C6049F28721521C68FC76BD16426FEBDD5275DE468F3CAD ] C:\Windows\System32\consent.exe
15:58:41.0335 0x0ca8  C:\Windows\System32\consent.exe - ok
15:58:41.0335 0x0ca8  [ 9C5DAAED3B3C06DBC95228CC407B8B70, E306E5C4A1C0D4B63840E38098B9FF2F4267FA4F519C7841E5A0C25A8DFF96D8 ] C:\Windows\temp\tdsFCF4.tmp
15:58:41.0335 0x0ca8  C:\Windows\temp\tdsFCF4.tmp - ok
15:58:41.0351 0x0ca8  [ 0CFCDE5D9D074D96B78D1F1CBF1AAB1D, 15A579FDE0288BC732DF0C092A8269159D4D7B8AAC13E78B1D444899EE1CE478 ] C:\Windows\System32\riched20.dll
15:58:41.0351 0x0ca8  C:\Windows\System32\riched20.dll - ok
15:58:41.0351 0x0ca8  [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Users\peter\AppData\Local\temp\{0A640138-85EF-4C7D-9950-FE61A10809E9}\{CE29DC78-67E4-4FC0-B223-17E489F6ADD3}.tmp
15:58:41.0351 0x0ca8  C:\Users\peter\AppData\Local\temp\{0A640138-85EF-4C7D-9950-FE61A10809E9}\{CE29DC78-67E4-4FC0-B223-17E489F6ADD3}.tmp - ok
15:58:41.0351 0x0ca8  [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\Users\peter\AppData\Local\temp\{0A640138-85EF-4C7D-9950-FE61A10809E9}\{F5B592E5-D356-4597-8217-E1560CEA8B5A}.tmp
15:58:41.0351 0x0ca8  C:\Users\peter\AppData\Local\temp\{0A640138-85EF-4C7D-9950-FE61A10809E9}\{F5B592E5-D356-4597-8217-E1560CEA8B5A}.tmp - ok
15:58:41.0367 0x0ca8  [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\Users\peter\AppData\Local\temp\{0A640138-85EF-4C7D-9950-FE61A10809E9}\{6F380FE7-70B6-46C9-A096-043635010323}.tmp
15:58:41.0367 0x0ca8  C:\Users\peter\AppData\Local\temp\{0A640138-85EF-4C7D-9950-FE61A10809E9}\{6F380FE7-70B6-46C9-A096-043635010323}.tmp - ok
15:58:41.0367 0x0ca8  [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\Users\peter\AppData\Local\temp\{0A640138-85EF-4C7D-9950-FE61A10809E9}\{E7B557FD-062E-4509-9B7B-FD1A10184182}.tmp
15:58:41.0367 0x0ca8  C:\Users\peter\AppData\Local\temp\{0A640138-85EF-4C7D-9950-FE61A10809E9}\{E7B557FD-062E-4509-9B7B-FD1A10184182}.tmp - ok
15:58:41.0382 0x0ca8  [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\Users\peter\AppData\Local\temp\{0A640138-85EF-4C7D-9950-FE61A10809E9}\{1036425D-1F8B-47A2-BBBE-1736245A5C5A}.tmp
15:58:41.0382 0x0ca8  C:\Users\peter\AppData\Local\temp\{0A640138-85EF-4C7D-9950-FE61A10809E9}\{1036425D-1F8B-47A2-BBBE-1736245A5C5A}.tmp - ok
15:58:41.0382 0x0ca8  [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\Users\peter\AppData\Local\temp\{0A640138-85EF-4C7D-9950-FE61A10809E9}\{387F2F74-C6E1-4FCB-9D51-0511A2CE9264}.tmp
15:58:41.0382 0x0ca8  C:\Users\peter\AppData\Local\temp\{0A640138-85EF-4C7D-9950-FE61A10809E9}\{387F2F74-C6E1-4FCB-9D51-0511A2CE9264}.tmp - ok
15:58:41.0398 0x0ca8  [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\Users\peter\AppData\Local\temp\{0A640138-85EF-4C7D-9950-FE61A10809E9}\{0B403A44-2660-412B-BA03-C9ED9642F67B}.tmp
15:58:41.0398 0x0ca8  C:\Users\peter\AppData\Local\temp\{0A640138-85EF-4C7D-9950-FE61A10809E9}\{0B403A44-2660-412B-BA03-C9ED9642F67B}.tmp - ok
15:58:41.0398 0x0ca8  [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\Users\peter\AppData\Local\temp\{0A640138-85EF-4C7D-9950-FE61A10809E9}\{312B307F-697A-40A6-8AA8-25B5A8897943}.tmp
15:58:41.0398 0x0ca8  C:\Users\peter\AppData\Local\temp\{0A640138-85EF-4C7D-9950-FE61A10809E9}\{312B307F-697A-40A6-8AA8-25B5A8897943}.tmp - ok
15:58:41.0398 0x0ca8  [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\Users\peter\AppData\Local\temp\{0A640138-85EF-4C7D-9950-FE61A10809E9}\{F3B9E0BF-24B0-474E-B7B5-5CD6B2A99C63}.tmp
15:58:41.0398 0x0ca8  C:\Users\peter\AppData\Local\temp\{0A640138-85EF-4C7D-9950-FE61A10809E9}\{F3B9E0BF-24B0-474E-B7B5-5CD6B2A99C63}.tmp - ok
15:58:41.0413 0x0ca8  [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\Users\peter\AppData\Local\temp\{0A640138-85EF-4C7D-9950-FE61A10809E9}\{0D6B5631-331F-46F0-930D-D71172342111}.tmp
15:58:41.0413 0x0ca8  C:\Users\peter\AppData\Local\temp\{0A640138-85EF-4C7D-9950-FE61A10809E9}\{0D6B5631-331F-46F0-930D-D71172342111}.tmp - ok
15:58:41.0413 0x0ca8  [ 45234F9C39B86AE1FFA88D54EA39B7C0, EEB171049AB97F7FE985263EF822AD40ADF7317587C51D2C3B12424C4D199BB5 ] C:\Program Files\AVG\AVG2015\fixcfg.exe
15:58:41.0413 0x0ca8  C:\Program Files\AVG\AVG2015\fixcfg.exe - ok
15:58:41.0413 0x0ca8  ================ Scan generic autorun ======================
15:58:41.0569 0x0ca8  [ CF28CEEEFA8253E4704ADD61573B792F, A73356BAB83345EE665F8B48FD586819B2A44B7DCB8B8D11C8F34B0B2F332DC3 ] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
15:58:41.0585 0x0ca8  WinPatrol - ok
15:58:41.0679 0x0ca8  [ BBD1BA710A00842064BA038570C13CB2, 155FABD8323C95932C9F552E8827A87356E9FCED471B8F5E06466F920EEB56A4 ] C:\Program Files\Microsoft Security Client\msseces.exe
15:58:41.0757 0x0ca8  MSC - ok
15:58:41.0944 0x0ca8  [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
15:58:42.0115 0x0ca8  SDTray - ok
15:58:42.0115 0x0ca8  {2929702B-4032-46CC-844A-02E369ED99E6} - ok
15:58:42.0256 0x0ca8  [ C96005419013D688C22DA72D3B46BC4C, FCBE76E81E2C1F6512D2E0F9DD437FA625D0FC297B5634E5B47E1FE4B71707CD ] C:\Program Files\System Explorer\SystemExplorer.exe
15:58:42.0396 0x0ca8  SystemExplorerAutoStart - ok
15:58:42.0443 0x0ca8  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe
15:58:42.0459 0x0ca8  WMPNSCFG - ok
15:58:42.0521 0x0ca8  [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
15:58:42.0568 0x0ca8  ehTray.exe - ok
15:58:42.0817 0x0ca8  [ 064E24C715648566C77A9716F736CBE6, 201492A506A116EFADFFC72E60C960010AC978237AD2A98BB203989F89ACEA89 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
15:58:43.0176 0x0ca8  SUPERAntiSpyware - ok
15:58:43.0192 0x0ca8  WindowsWelcomeCenter - ok
15:58:43.0317 0x0ca8  [ 3EBFE205F79CA1C5DF01E85436427278, A03C4D858DC23A88DB6127A843FB0FEE2138FB74017973243A96F84F361FC230 ] C:\Program Files\Acer\WR_PopUp\ProductReg.exe
15:58:43.0426 0x0ca8  ProductReg - detected UnsignedFile.Multi.Generic ( 1 )
15:58:43.0426 0x0ca8  ProductReg ( UnsignedFile.Multi.Generic ) - warning
15:58:43.0519 0x0ca8  AV detected via SS2: AVG Internet Security 2015, C:\Program Files\AVG\AVG2015\avgwsc.exe ( 15.0.0.5645 ), 0x41000 ( enabled : updated )
15:58:43.0519 0x0ca8  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.7.205.0 ), 0x61000 ( enabled : updated )
15:58:43.0519 0x0ca8  FW detected via SS2: AVG Internet Security 2015, C:\Program Files\AVG\AVG2015\avgwsc.exe ( 15.0.0.5645 ), 0x41010 ( enabled )
15:58:43.0519 0x0ca8  ============================================================
15:58:43.0519 0x0ca8  Scan finished
15:58:43.0519 0x0ca8  ============================================================
15:58:43.0535 0x0ca4  Detected object count: 4
15:58:43.0535 0x0ca4  Actual detected object count: 4
16:02:03.0334 0x0ca4  CLHNService ( UnsignedFile.Multi.Generic ) - skipped by user
16:02:03.0334 0x0ca4  CLHNService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:02:03.0334 0x0ca4  ETService ( UnsignedFile.Multi.Generic ) - skipped by user
16:02:03.0334 0x0ca4  ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:02:03.0334 0x0ca4  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
16:02:03.0334 0x0ca4  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:02:03.0349 0x0ca4  ProductReg ( UnsignedFile.Multi.Generic ) - skipped by user
16:02:03.0349 0x0ca4  ProductReg ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:20:32.0642 0x0870  Deinitialize success
mbar log 02.04.15, 14.29 h

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2014.11.18.05
  rootkit: v2014.11.12.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
peter :: PETER-VERA-PC [administrator]

02.04.2015 13:53:24
mbar-log-2015-04-02 (13-53-24).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 410695
Time elapsed: 35 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
mbar log 02.04.15, 15.17 h

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2014.11.18.05
  rootkit: v2014.11.12.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
peter :: PETER-VERA-PC [administrator]

02.04.2015 14:43:32
mbar-log-2015-04-02 (14-43-32).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 410482
Time elapsed: 27 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Alt 02.04.2015, 20:53   #9
schrauber
/// the machine
/// TB-Ausbilder
 
malware aal entfernen Antivir -Programme erkennen nichts - Standard

malware aal entfernen Antivir -Programme erkennen nichts


hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.04.2015, 00:17   #10
petertroj
 
malware aal entfernen Antivir -Programme erkennen nichts - Standard

malware aal entfernen Antivir -Programme erkennen nichts


2 Läufe Combofix, SD u MS Security Essential ließ sich nicht deaktivieren.
gerade jetzt wurde ein Fenster im FF AVG Internet Security geöffnet, Hinweis unbekannte malware. Disqus (Kommentar-Fenster) wurde von Ghostery blockiert.
Die bisherigen Läufe blieben ohne Erkennung im AVG Internet Security. Warte daher auf weitere Einschätzung und Vorgehensweise.

Combofix Logfile:
Code:
ATTFilter
ComboFix 15-04-01.01 - peter 03.04.2015  14:33:56.8.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3066.1730 [GMT 2:00]
ausgeführt von:: c:\users\Standartkonto\Desktop\Desktop\ComboFix.exe
AV: AVG Internet Security 2015 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
FW: AVG Internet Security 2015 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2015 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-03-03 bis 2015-04-03  ))))))))))))))))))))))))))))))
.
.
2015-04-03 12:47 . 2015-04-03 12:47	--------	d-----w-	c:\users\TEMP\AppData\Local\temp
2015-04-03 12:47 . 2015-04-03 12:47	--------	d-----w-	c:\users\Public\AppData\Local\temp
2015-04-03 12:47 . 2015-04-03 12:47	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2015-04-03 12:47 . 2015-04-03 12:47	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-04-03 12:47 . 2015-04-03 16:17	--------	d-----w-	c:\users\Standartkonto\AppData\Local\temp
2015-04-03 12:25 . 2015-04-03 12:25	39464	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{63CF04B7-720B-443D-BE50-435E27868EF1}\MpKsl366efd4c.sys
2015-04-03 07:56 . 2015-03-14 10:06	9119072	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{63CF04B7-720B-443D-BE50-435E27868EF1}\mpengine.dll
2015-04-02 11:52 . 2015-04-02 13:17	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-04-02 11:52 . 2015-04-02 12:42	119512	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-02 11:49 . 2015-04-02 12:30	92888	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-04-01 21:34 . 2015-03-14 10:06	9119072	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-03-31 20:04 . 2015-03-31 20:04	--------	d-----w-	c:\program files\AnalogX
2015-03-31 13:27 . 2015-03-31 13:26	908832	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{615E15F7-BDF2-41C6-B16A-0DCEF3EAF8DD}\gapaengine.dll
2015-03-21 17:52 . 2013-09-20 09:49	18968	----a-w-	c:\windows\system32\sdnclean.exe
2015-03-21 12:57 . 2015-03-21 12:57	--------	d-----w-	c:\users\Gast\AppData\Roaming\AVG
2015-03-21 12:52 . 2015-03-21 12:52	--------	d-----w-	c:\users\Gast\AppData\Local\Avg
2015-03-20 05:17 . 2015-01-29 01:35	369664	----a-w-	c:\windows\system32\WMPhoto.dll
2015-03-20 05:16 . 2015-01-29 01:35	975360	----a-w-	c:\windows\system32\WindowsCodecs.dll
2015-03-20 05:16 . 2015-02-26 00:18	2064384	----a-w-	c:\windows\system32\win32k.sys
2015-03-20 05:07 . 2015-02-20 02:03	34304	----a-w-	c:\windows\system32\atmlib.dll
2015-03-20 05:07 . 2015-02-20 00:28	296960	----a-w-	c:\windows\system32\atmfd.dll
2015-03-20 05:06 . 2015-02-26 02:01	3604408	----a-w-	c:\windows\system32\ntkrnlpa.exe
2015-03-20 05:06 . 2015-01-09 02:04	49152	----a-w-	c:\windows\system32\csrsrv.dll
2015-03-20 05:06 . 2015-01-09 00:18	64000	----a-w-	c:\windows\system32\smss.exe
2015-03-20 05:06 . 2015-02-26 02:01	3552184	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-03-20 05:06 . 2015-01-21 02:02	807936	----a-w-	c:\windows\system32\msctf.dll
2015-03-20 05:03 . 2015-03-06 04:01	279040	----a-w-	c:\windows\system32\schannel.dll
2015-03-20 05:02 . 2014-10-13 01:12	2264064	----a-w-	c:\windows\system32\msi.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-03 13:16 . 2009-11-22 10:57	246920	------w-	c:\windows\system32\MpSigStub.exe
2015-02-17 15:04 . 2015-02-17 15:04	1202848	----a-w-	c:\windows\system32\FM20.DLL
2015-01-15 04:13 . 2015-02-24 19:38	440760	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2015-01-08 20:44 . 2013-05-01 20:46	71344	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-04 13:21 . 2012-10-04 13:21	261600	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 15:52	121392	----a-w-	c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SystemExplorerAutoStart"="c:\program files\System Explorer\SystemExplorer.exe" [2015-02-17 3391200]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2012-09-20 363752]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-01-30 978520]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2014-06-24 4101576]
.
c:\users\Standartkonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
OneNote Inhaltsverzeichnis.onetoc2 [2015-1-6 4744]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2012-7-25 572000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2013-05-07 115440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SDWinLogon]
SDWinLogon.dll [BU]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2014-07-22 142648]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MPKSL366EFD4C
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2015-03-21 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2015-03-21 10:52]
.
2015-03-21 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2015-03-21 09:41]
.
2015-03-21 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDScan.exe [2015-03-21 09:42]
.
2010-12-19 c:\windows\Tasks\User_Feed_Synchronization-{F301875A-A68A-4528-8553-CDA8BF71143E}.job
- c:\windows\system32\msfeedssync.exe [2015-03-10 17:18]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
mStart Page = about:blank
FF - ProfilePath - c:\users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\
FF - prefs.js: browser.search.defaulturl - 
FF - user.js: network.http.max-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-46065852.sys
HKLM_ActiveSetup-{89820200-ECBD-11cf-8B85-00AA005B4383} - 0
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2015-04-03 18:59
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce]
@Denied: (Full) (LocalSystem)
@SACL=
.
[HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows\Shell\BagMRU]
@Denied: (Full) (LocalSystem)
"NodeSlots"=hex:
"MRUListEx"=hex:ff,ff,ff,ff
"NodeSlot"=dword:00000000
"0"=hex:00
.
[HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows\Shell\Bags\1\Desktop]
@Denied: (Full) (LocalSystem)
"FFlags"=dword:00000000
"Mode"=dword:00000001
"ScrollPos1680x945(1).x"=dword:00000000
"ScrollPos1680x945(1).y"=dword:00000000
"IconSize"=dword:00000030
"LogicalViewMode"=dword:00000003
"GroupView"=dword:00000000
"FMTID:GroupByKey"="0"
"PID:GroupByKey"=dword:0000000a
"GroupByGUID"="{00000000-0000-0000-0000-000000000000}"
"GroupByDirection"=dword:00000001
"ColInfo"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
"Sort"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
"ScrollPos1440x900(1).x"=dword:00000000
"ScrollPos1440x900(1).y"=dword:00000000
"ItemPos1440x900(1)"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,
   00,00,00,00,00,00
"ScrollPos800x600(1).x"=dword:00000000
"ScrollPos800x600(1).y"=dword:00000000
"ItemPos1680x945(1)"=hex:
.
[HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows\Shell\Bags\2\Shell\{2C7BBEC6-C844-4A0A-91FA-CEF6F59CFDA1}]
@Denied: (Full) (LocalSystem)
"Rev"=dword:00000000
"FFlags"=dword:00200001
"HotKey"=dword:00000000
"Buttons"=dword:00000000
"Links"=dword:00000000
"Address"=dword:00000000
"Vid"="{65F125E5-7BE1-4810-BA9D-D271C8432CE3}"
"Mode"=dword:00000006
"ScrollPos1680x945(1).x"=dword:00000000
"ScrollPos1680x945(1).y"=dword:00000000
"IconSize"=dword:00000030
"LogicalViewMode"=dword:00000002
"GroupView"=dword:00000000
"FMTID:GroupByKey"="0"
"PID:GroupByKey"=dword:0000000a
"GroupByGUID"="{00000000-0000-0000-0000-000000000000}"
"GroupByDirection"=dword:00000001
"ColInfo"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,fd,df,df,fd,10,
   00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
"Sort"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,30,f1,
   25,b7,ef,47,1a,10,a5,f1,02,60,8c,9e,eb,ac,0a,00,00,00,01,00,00,00
"MinPos1680x945(1).x"=dword:ffffffff
"MinPos1680x945(1).y"=dword:ffffffff
"MaxPos1680x945(1).x"=dword:ffffffff
"MaxPos1680x945(1).y"=dword:ffffffff
"WinPos1680x945(1).left"=dword:000000d9
"WinPos1680x945(1).top"=dword:000000d9
"WinPos1680x945(1).right"=dword:000003f9
"WinPos1680x945(1).bottom"=dword:00000331
"WFlags"=dword:00000002
"ShowCmd"=dword:00000003
.
[HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001_Classes\CLSID]
@Class="REG_SZ"
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001_Classes\CLSID\{000HQ7FF-AD7A-3FG1-3BG4-281NL05DCVUC}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}]
@Class="REG_SZ"
@DACL=(02 0000)
@="PSFactoryBuffer"
.
[HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001_Classes\CLSID\{7644204c-5eb0-4e21-b225-fc6c1fca74f7}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Products\57EDFC57AC08FA0EA792895EC7C018FE]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Products\68AB67CA7DA71301B744AA0100000010]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Products\6E58EC68CABDDFF39B774E7BF9389C90]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(1304)
c:\program files\BillP Studios\WinPatrol\PATROLPRO.DLL
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
.
Zeit der Fertigstellung: 2015-04-03  19:04:19
ComboFix-quarantined-files.txt  2015-04-03 17:04
ComboFix2.txt  2013-07-30 21:12
.
Vor Suchlauf: 27 Verzeichnis(se), 147.048.218.624 Bytes frei
Nach Suchlauf: 30 Verzeichnis(se), 154.473.295.872 Bytes frei
.
- - End Of File - - 687BD0DE361F1159FBE7031091187893
--- --- ---
27A811553A4F7A6A891CA99FFAE128F7

[/CODE]

Alt 05.04.2015, 13:12   #11
schrauber
/// the machine
/// TB-Ausbilder
 
malware aal entfernen Antivir -Programme erkennen nichts - Standard

malware aal entfernen Antivir -Programme erkennen nichts


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.04.2015, 20:34   #12
petertroj
 
malware aal entfernen Antivir -Programme erkennen nichts - Standard

malware aal entfernen Antivir -Programme erkennen nichts


Datei-explorer nur noch über Taskmanager erreichbar, sehr langsam

mbytes
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2014.11.18.05
  rootkit: v2014.11.12.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
peter :: PETER-VERA-PC [administrator]

02.04.2015 13:53:24
mbar-log-2015-04-02 (13-53-24).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 410695
Time elapsed: 35 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
adw Cleaner r0
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v4.200 - Bericht erstellt 05/04/2015 um 15:59:04
# Aktualisiert 29/03/2015 von Xplode
# Datenbank : 2015-03-29.1 [Lokal]
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Benutzername : peter - PETER-VERA-PC
# Gestarted von : C:\Users\Standartkonto\Desktop\Desktop\AdwCleaner_4.200.exe
# Option : Suchlauf

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\user.js
Datei Gefunden : C:\Users\Standartkonto\AppData\Roaming\Mozilla\Firefox\Profiles\kg8k40zp.default\searchplugins\ask-search.xml
Ordner Gefunden : C:\Program Files\Convesoft
Ordner Gefunden : C:\ProgramData\Uniblue
Ordner Gefunden : C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
Ordner Gefunden : C:\Users\peter\AppData\Roaming\Uniblue
Ordner Gefunden : C:\Users\Standartkonto\AppData\Local\AskPartnerNetwork

***** [ Geplante Tasks ] *****

Task Gefunden : driverscanner

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\Convesoft
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Features\074A36B543391D44FA16C62EBD65A59E
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Products\074A36B543391D44FA16C62EBD65A59E
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
Schlüssel Gefunden : HKLM\SOFTWARE\Convesoft
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\074A36B543391D44FA16C62EBD65A59E
Schlüssel Gefunden : HKLM\SOFTWARE\Trymedia Systems
Schlüssel Gefunden : HKLM\SOFTWARE\Uniblue
Schlüssel Gefunden : HKLM\SOFTWARE\Uniblue\DriverScanner

***** [ Internetbrowser ] *****

-\\ Internet Explorer v9.0.8112.16633


-\\ Mozilla Firefox v37.0.1 (x86 de)

[kg8k40zp.default] - Zeile Gefunden : user_pref("extensions.smarterwiki.add_extra_search_results", true);
[kg8k40zp.default] - Zeile Gefunden : user_pref("extensions.smarterwiki.add_related_search_results", true);

-\\ Google Chrome v

[C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&appid=101&systemid=421&sr=0&q={searchTerms}

*************************

AdwCleaner[R0].txt - [3115 Bytes] - [05/04/2015 15:59:04]

########## EOF - \AdwCleaner\AdwCleaner[R0].txt - [3174 Bytes] ##########
--- --- ---


adw Cleaner s0
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v4.200 - Bericht erstellt 05/04/2015 um 19:28:33
# Aktualisiert 29/03/2015 von Xplode
# Datenbank : 2015-03-29.1 [Lokal]
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Benutzername : peter - PETER-VERA-PC
# Gestarted von : C:\Users\Standartkonto\Desktop\Desktop\AdwCleaner_4.200.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Uniblue
Ordner Gelöscht : C:\Program Files\Convesoft
Ordner Gelöscht : C:\Users\peter\AppData\Roaming\Uniblue
Ordner Gelöscht : C:\Users\Standartkonto\AppData\Local\AskPartnerNetwork
Ordner Gelöscht : C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
Datei Gelöscht : C:\Users\Standartkonto\AppData\Roaming\Mozilla\Firefox\Profiles\kg8k40zp.default\searchplugins\ask-search.xml
Datei Gelöscht : C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\user.js

***** [ Geplante Tasks ] *****

Task Gelöscht : driverscanner

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
Schlüssel Gelöscht : HKCU\Software\Convesoft
Schlüssel Gelöscht : HKLM\SOFTWARE\Convesoft
Schlüssel Gelöscht : HKLM\SOFTWARE\Trymedia Systems
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\074A36B543391D44FA16C62EBD65A59E
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\074A36B543391D44FA16C62EBD65A59E
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\074A36B543391D44FA16C62EBD65A59E

***** [ Internetbrowser ] *****

-\\ Internet Explorer v9.0.8112.16633


-\\ Mozilla Firefox v37.0.1 (x86 de)

[kg8k40zp.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.smarterwiki.add_extra_search_results", true);
[kg8k40zp.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.smarterwiki.add_related_search_results", true);

-\\ Google Chrome v

[C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&appid=101&systemid=421&sr=0&q={searchTerms}

*************************

AdwCleaner[R0].txt - [3251 Bytes] - [05/04/2015 15:59:04]
AdwCleaner[S0].txt - [3133 Bytes] - [05/04/2015 19:28:33]

########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [3192  Bytes] ##########
--- --- ---


JRT

JRT Logfile:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.1 (04.02.2015:1)
OS: Windows Vista (TM) Home Premium x86
Ran by peter on 05.04.2015 at 20:24:47,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\flexnet"
Successfully deleted: [Folder] "C:\Users\peter\AppData\Roaming\getrighttogo"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.04.2015 at 20:30:07,72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- --- ---
[/CODE]

Alt 06.04.2015, 13:41   #13
schrauber
/// the machine
/// TB-Ausbilder
 
malware aal entfernen Antivir -Programme erkennen nichts - Standard

malware aal entfernen Antivir -Programme erkennen nichts



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 12.04.2015, 11:01   #14
petertroj
 
malware aal entfernen Antivir -Programme erkennen nichts - Standard

malware aal entfernen Antivir -Programme erkennen nichts


Die späte Antwort resultiert aus Probleme Internetverbindung, Datei-Explorer, BS instabil. START-Bereich (9 angeheftete Dateien unten, 4 oben, linke Seite je leer,
rechte Seite unvollständig, Verbindung Internet fehlend, FF ohne Aufrufmöglichkeit in START als Icon Desktop). FF Download (engl. Version) .

Hierzu Versuch des Recovery mit (12 CD's), Abbruch da "Neuinstallations-Effekt" mit der Folge das formatiert worden wäre.

Reparatur-Läufe (F8 beim Booten) Aufruf Wiederherstellungspunkte (in engl., ebenfalls über F8 beim Booten), danach wieder



Zur Frage ob noch Probleme bestehen, abgesehen von oben:

1) Datei-Explorer reagiert teils langsam, garnicht, normal

2) Die in ESET zu deinstallierenden Programme a) AVG 2015 b) Avira c) defraggler (01.12.12 Inst-Datum, auch Epson 01.12.12, immer wieder Status Füllstand-Fehlmeldungen)
wurden nicht deinstalliert.

3) Super AntiSpyware 303 Funde

I) Eset II) Security Check III) FRST frisch

I) ESET nach 06.04.15

Code:
ATTFilter
12.04.2014   07.21 h (Start 11.04.2014   20.45 h)
C:\Program Files\AVG\AVG2015\Notification\avg_ask_tb.exe	
Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung	gelöscht (nach dem nächsten Neustart) - in Quarantäne kopiert
C:\Users\Standartkonto\Desktop\Desktop\cdbxp_setup_4.5.0.3661.exe	Win32/OpenCandy potenziell unsichere Anwendung	gelöscht - in Quarantäne kopiert
C:\Users\Standartkonto\Desktop\Desktop\SetupImgBurn_2.5.7.0.exe	Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung	gelöscht - in Quarantäne kopiert
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S5OOBHLK\ApnIC[1].0	
Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung	gelöscht - in Quarantäne kopiert
D:\$RECYCLE.BIN\S-1-5-21-1765665137-1713434591-3169019743-1001\$RDARCLK\Down Avira\avira_free_antivirus_de(1).exe	
Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung	gelöscht - in Quarantäne kopiert
D:\$RECYCLE.BIN\S-1-5-21-1765665137-1713434591-3169019743-1001\$RQHQ5SU\Avira\avira_free_antivirus_de.exe	
Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung	gelöscht - in Quarantäne kopiert
D:\$RECYCLE.BIN\S-1-5-21-1765665137-1713434591-3169019743-1001\$RS9JG5Y\Avira 12.0.0.861 wg Überw Kaspersky\avira_free_antivirus_de.exe	
Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung	gelöscht - in Quarantäne kopiert
D:\C 2 PC ungeordnet\zz Virensuche ab 19.10.10 u 2011\So 16.01.2011 für Pentium 233 alt\Mo 17.01.11 PC Wizard Auslesen Hardware\pc-wizard_2010.1.961-setup.exe	
Variante von Win32/Bundled.Toolbar.Ask.A potenziell unsichere Anwendung	gelöscht - in Quarantäne kopiert
D:\neu 2012 PC ges incl Down ProgrSichrg\Prog Down Sichrg\eig Maßnhm Quellen Links Downs\Avira\avira_free_antivirus_de.exe	
Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung	gelöscht - in Quarantäne kopiert
D:\neu 2012 PC ges incl Down ProgrSichrg\Prog Down Sichrg\eig Maßnhm Quellen Links Downs\CCleaner\ccsetup325.exe	
Win32/Bundled.Toolbar.Google.E potenziell unsichere Anwendung	gelöscht - in Quarantäne kopiert
D:\neu 2012 PC ges incl Down ProgrSichrg\Prog Down Sichrg\eigene Maßnahmen u Tests\langs DExplorer 
trojBoardDE Defraggler WinPatrol\defraggler filepony\dfsetup210.exe	Win32/Bundled.Toolbar.Google.E potenziell 
unsichere Anwendung	gelöscht - in Quarantäne kopiert
D:\neu 2012 PC ges incl Down ProgrSichrg\Prog Down Sichrg\Rettungsmaßnahmen 2012\defraggler filepony\dfsetup210.exe	
Win32/Bundled.Toolbar.Google.E potenziell unsichere Anwendung	gelöscht - in Quarantäne kopiert
Date: 2015-04-11 15:38:21.569 additional.txt

FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-07-2013
Ran by peter at 2015-04-11 15:39:12
Running from C:\Users\Standartkonto\Desktop\Desktop
Boot Mode: Normal
==========================================================

 Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.07 beta
Acer Arcade Deluxe (Version: 2.0.5817)
Acer Crystal Eye Webcam 2.0.9.2 (Version: 2.0.9.2)
Acer eAudio Management (Version: 3.0.3009)
Acer eDataSecurity Management (Version: 3.0.3065)
Acer Empowering Technology (Version: 3.0.3013)
Acer ePower Management (Version: 3.0.3016)
Acer eRecovery Management (Version: 3.0.3014)
Acer eSettings Management (Version: 3.0.3007)
Acer GridVista (Version: 2.72.317)
Acer Mobility Center Plug-In (Version: 3.0.3000)
Acer Product Registration (Version: 3.0.0.10)
Acer ScreenSaver (Version: 1.01.1111)
Advanced IP Scanner (Version: 2.2.224)
AnalogX Script Defender
ATI Catalyst Install Manager (Version: 3.0.704.0)
AVG 2015 (Version: 15.0.4328)
AVG 2015 (Version: 15.0.5645)
AVG 2015 (Version: 2015.0.5645)
AVG PC TuneUp 2015 (de-DE) (Version: 15.0.1001.238)
AVG PC TuneUp 2015 (Version: 15.0.1001.238)
C:\Program Files\Acer GameZone\GameConsole (Version: 2.0.1.2)
Catalyst Control Center Core Implementation (Version: 2008.1210.1623.29379)
Catalyst Control Center Graphics Full Existing (Version: 2008.1210.1623.29379)
Catalyst Control Center Graphics Full New (Version: 2008.1210.1623.29379)
Catalyst Control Center Graphics Light (Version: 2008.1210.1623.29379)
Catalyst Control Center Graphics Previews Vista (Version: 2008.1210.1623.29379)
Catalyst Control Center InstallProxy (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Chinese Standard (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Chinese Traditional (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Czech (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Danish (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Dutch (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Finnish (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization French (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization German (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Greek (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Hungarian (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Italian (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Japanese (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Korean (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Norwegian (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Polish (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Portuguese (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Russian (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Spanish (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Swedish (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Thai (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Turkish (Version: 2008.1210.1623.29379)
CCC Help Chinese Standard (Version: 2008.1210.1622.29379)
CCC Help Chinese Traditional (Version: 2008.1210.1622.29379)
CCC Help Czech (Version: 2008.1210.1622.29379)
CCC Help Danish (Version: 2008.1210.1622.29379)
CCC Help Dutch (Version: 2008.1210.1622.29379)
CCC Help English (Version: 2008.1210.1622.29379)
CCC Help Finnish (Version: 2008.1210.1622.29379)
CCC Help French (Version: 2008.1210.1622.29379)
CCC Help German (Version: 2008.1210.1622.29379)
CCC Help Greek (Version: 2008.1210.1622.29379)
CCC Help Hungarian (Version: 2008.1210.1622.29379)
CCC Help Italian (Version: 2008.1210.1622.29379)
CCC Help Japanese (Version: 2008.1210.1622.29379)
CCC Help Korean (Version: 2008.1210.1622.29379)
CCC Help Norwegian (Version: 2008.1210.1622.29379)
CCC Help Polish (Version: 2008.1210.1622.29379)
CCC Help Portuguese (Version: 2008.1210.1622.29379)
CCC Help Russian (Version: 2008.1210.1622.29379)
CCC Help Spanish (Version: 2008.1210.1622.29379)
CCC Help Swedish (Version: 2008.1210.1622.29379)
CCC Help Thai (Version: 2008.1210.1622.29379)
CCC Help Turkish (Version: 2008.1210.1622.29379)
ccc-core-static (Version: 2008.1210.1623.29379)
ccc-utility (Version: 2008.1210.1623.29379)
Choice Guard (Version: 1.2.87.0)
Content Manager 2 (Version: 3.18.0.342250)
CyberLink PowerDirector (Version: 6.5.3023d)
Defraggler (Version: 2.10)
EPSON-Drucker-Software
ESET Online Scanner v3
eSobi v2 (Version: 2.0.3.000201)
HDAUDIO Soft Data Fax Modem with SmartCP
HiJackThis (Version: 1.0.0)
HijackThis 2.0.2 (Version: 2.0.2)
Java 8 Update 25 (Version: 8.0.250)
Java Auto Updater (Version: 2.8.25.18)
Junk Mail filter update (Version: 14.0.8050.1202)
Launch Manager
LightScribe  1.4.142.1 (Version: 1.4.142.1)
LOGO!Soft Comfort V7.0  (Version: 7.0.0.0)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938)
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8107.0)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.7.0205.0)
Microsoft Security Essentials (Version: 4.7.205.0)
Microsoft Silverlight (Version: 5.1.30514.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 08.05.0822)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
Mozilla Firefox 36.0.4 (x86 de) (Version: 36.0.4)
Mozilla Firefox 5.0.1 (x86 en-GB) (Version: 5.0.1)
Mozilla Maintenance Service (Version: 26.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Mystery Solitaire - Secret Island
Mythic Mahjong
Naviextras Toolbox Prerequesities (Version: 1.0.0)
Nero OEM
Nokia Connectivity Cable Driver (Version: 7.1.172.0)
Nuvoton EC Generic HID Driver (Version: 7.80.5000)
OpenOffice 4.1.1 (Version: 4.11.9775)
Orion (Version: 2.0.1)
PC Connectivity Solution (Version: 12.0.109.0)
PC Inspector smart recovery (Version: 4.50)
Print Server Support (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5704)
Realtek USB 2.0 Card Reader (Version: 3.0.1.3)
RegAlyzer (Version: 1.6.2.16)
Secunia PSI (3.0.0.3001) (Version: 3.0.0.3001)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (Version: 6.2.00)
Skins (Version: 2008.1210.1623.29379)
Spybot - Search & Destroy (Version: 2.4.40)
SUPERAntiSpyware (Version: 6.0.1158)
swMSM (Version: 12.0.0.1)
System Explorer 6.3.2
TomTom HOME (Version: 2.9.7)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2920794) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live Fotogalerie (Version: 14.0.8051.1204)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Writer (Version: 14.0.8050.1202)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
 

==================== Restore Points  =========================

06-04-2015 14:51:26 Windows Update
09-04-2015 18:56:57 Geplanter Prüfpunkt
10-04-2015 22:04:28 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2006-11-02 12:23 - 2012-10-07 15:12 - 00000098 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1B633EA0-B459-4C1F-81B4-6248065FF374} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1E646C92-3908-4263-9631-F3F9F306812E} - System32\Tasks\User_Feed_Synchronization-{F301875A-A68A-4528-8553-CDA8BF71143E} => C:\Windows\system32\msfeedssync.exe [2015-02-21] (Microsoft Corporation)
Task: {2444ED81-626D-4E17-AB7A-756B19F7398C} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3B7DA067-39EC-4C5C-8B24-9A4A4F61AAE0} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe [2015-01-30] (Microsoft Corporation)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {417DA6D0-EF46-4E3F-8373-17A4BD574666} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - peter => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {4F834927-E617-460C-BAE8-435401407DA3} - System32\Tasks\DriverScanner => C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe No File
Task: {5B1FDAE0-63DD-4DCE-B2C1-DC794A1FE545} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation)
Task: {7A976A87-1BF1-459F-A06E-A325C4E582DC} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe No File
Task: {9D21AC5D-5177-48E9-9FA0-0AA18A1CF529} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe [2014-11-24] (AVG Technologies)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {A6AD6A36-B2F4-40E3-8634-6EDE6154BC3F} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Standartkonto => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{F301875A-A68A-4528-8553-CDA8BF71143E}.job => C:\Windows\system32\msfeedssync.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/11/2015 03:13:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/11/2015 07:43:45 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung SystemExplorer.exe, Version 6.3.2.5317, Zeitstempel 0x54e2e6be, fehlerhaftes Modul kernel32.dll, Version 6.0.6002.19034, Zeitstempel 0x52f2ec86, Ausnahmecode 0xc0000005, Fehleroffset 0x000c057d,
Prozess-ID 0xcf4, Anwendungsstartzeit SystemExplorer.exe0.

Error: (04/11/2015 07:41:51 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/11/2015 07:12:19 AM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (04/11/2015 06:11:01 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/11/2015 03:36:48 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung SASCORE.EXE, Version 6.0.0.1080, Zeitstempel 0x53cef7fc, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0xc00000b0,
Prozess-ID 0x3ac, Anwendungsstartzeit SASCORE.EXE0.

Error: (04/11/2015 02:54:25 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/11/2015 02:34:38 AM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (04/11/2015 02:26:38 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: SA_Error1709: StandardAction(0xC00706AD): Produkt: AVG 2015 -- Fehler 997. Überlappender E/A-Vorgang wird verarbeitet.
(NULL)(NULL)(NULL)(NULL)

Error: (04/11/2015 01:26:25 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: SA_Error1709: StandardAction(0xC00706AD): Produkt: AVG 2015 -- Fehler 997. Überlappender E/A-Vorgang wird verarbeitet.
(NULL)(NULL)(NULL)(NULL)


System errors:
=============
Error: (04/11/2015 03:23:07 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 114.3.0.0

	Aktualisierungsquelle: %NT-AUTORITÄT51

	Aktualisierungsphase: 4.7.0205.00

	Quellpfad: 4.7.0205.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\NETZWERKDIENST

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (04/11/2015 03:23:07 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.195.1987.0

	Aktualisierungsquelle: %NT-AUTORITÄT51

	Aktualisierungsphase: 4.7.0205.00

	Quellpfad: 4.7.0205.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\NETZWERKDIENST

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (04/11/2015 03:23:07 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.195.1987.0

	Aktualisierungsquelle: %NT-AUTORITÄT51

	Aktualisierungsphase: 4.7.0205.00

	Quellpfad: 4.7.0205.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\NETZWERKDIENST

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (04/11/2015 03:23:06 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.195.1987.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.7.0205.00

	Quellpfad: 4.7.0205.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (04/11/2015 03:13:04 PM) (Source: Service Control Manager) (User: )
Description: Spybot-S&D 2 Scanner Service%%1053

Error: (04/11/2015 03:13:04 PM) (Source: Service Control Manager) (User: )
Description: 30000Spybot-S&D 2 Scanner Service

Error: (04/11/2015 03:13:04 PM) (Source: Service Control Manager) (User: )
Description: adfs%%2

Error: (04/11/2015 03:13:04 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (04/11/2015 03:12:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: C:\Windows\system32\RAIHV.dll126

Error: (04/11/2015 03:11:53 PM) (Source: volmgr) (User: )
Description: Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist fehlgeschlagen. Stellen
Sie sicher, dass eine Auslagerungsdatei auf der Startpartition vorhanden ist und dass diese
groß genug ist, um den gesamten physikalischen Speicher abbilden zu können.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2015-04-11 15:38:31.846
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-11 15:38:30.445
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-11 15:38:29.007
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-11 15:38:27.501
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-11 15:38:26.002
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-11 15:38:24.561
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-11 15:38:23.057
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-11 15:38:21.569
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-11 02:26:36.317
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG2015\Drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-11 02:26:34.344
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG2015\Drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 48%
Total physical RAM: 3065.93 MB
Available physical RAM: 1589.36 MB
Total Pagefile: 6565.18 MB
Available Pagefile: 4930.61 MB
Total Virtual: 2047.88 MB
Available Virtual: 1917.09 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:225.99 GB) (Free:141.49 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:226.03 GB) (Free:148.85 GB) NTFS
Drive f: (FlashPen) (Removable) (Total:0.47 GB) (Free:0.43 GB) FAT
Drive g: (06-12-12 4K) (Removable) (Total:7.9 GB) (Free:6.35 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 9DAD3428)
Partition 1: (Not Active) - (Size=11 GB) - (Type=27)
Partition 2: (Active) - (Size=226 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=226 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3 GB) - (Type=12)

========================================================
Disk: 1 (Size: 480 MB) (Disk ID: 181F2FA7)
Partition 1: (Active) - (Size=480 MB) - (Type=0E)

========================================================
Disk: 2 (Size: 8 GB) (Disk ID: 00AFBA73)
Partition 1: (Active) - (Size=8 GB) - (Type=0C)

==================== End Of Log ============================
--- --- ---


11.04.15 02.08 h umbenannte ESET Datei ÄZÄD110415.txt

Code:
ATTFilter
11.04.15     02.08 h

D:\$RECYCLE.BIN\S-1-5-21-1765665137-1713434591-3169019743-1001\$RQHQ5SU\Übersetzer Babylon\Babylon9_setup.exe
	Variante von Win32/Toolbar.Babylon.C evtl. unerwünschte Anwendung	gelöscht - in Quarantäne kopiert
D:\Neu A Knete 2012 Arbeit direkt alles\A 1 Knete 2011\Randstad\Z-Schützprogramm\Übersetzer Babylon 9\Babylon9_setup.exe
	Variante von Win32/Toolbar.Babylon.C evtl. unerwünschte Anwendung	gelöscht - in Quarantäne kopiert
Ran by peter at 2015-04-11 15:39:12 additional.txt

FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-07-2013
Ran by peter at 2015-04-11 15:39:12
Running from C:\Users\Standartkonto\Desktop\Desktop
Boot Mode: Normal
==========================================================

 Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.07 beta
Acer Arcade Deluxe (Version: 2.0.5817)
Acer Crystal Eye Webcam 2.0.9.2 (Version: 2.0.9.2)
Acer eAudio Management (Version: 3.0.3009)
Acer eDataSecurity Management (Version: 3.0.3065)
Acer Empowering Technology (Version: 3.0.3013)
Acer ePower Management (Version: 3.0.3016)
Acer eRecovery Management (Version: 3.0.3014)
Acer eSettings Management (Version: 3.0.3007)
Acer GridVista (Version: 2.72.317)
Acer Mobility Center Plug-In (Version: 3.0.3000)
Acer Product Registration (Version: 3.0.0.10)
Acer ScreenSaver (Version: 1.01.1111)
Advanced IP Scanner (Version: 2.2.224)
AnalogX Script Defender
ATI Catalyst Install Manager (Version: 3.0.704.0)
AVG 2015 (Version: 15.0.4328)
AVG 2015 (Version: 15.0.5645)
AVG 2015 (Version: 2015.0.5645)
AVG PC TuneUp 2015 (de-DE) (Version: 15.0.1001.238)
AVG PC TuneUp 2015 (Version: 15.0.1001.238)
C:\Program Files\Acer GameZone\GameConsole (Version: 2.0.1.2)
Catalyst Control Center Core Implementation (Version: 2008.1210.1623.29379)
Catalyst Control Center Graphics Full Existing (Version: 2008.1210.1623.29379)
Catalyst Control Center Graphics Full New (Version: 2008.1210.1623.29379)
Catalyst Control Center Graphics Light (Version: 2008.1210.1623.29379)
Catalyst Control Center Graphics Previews Vista (Version: 2008.1210.1623.29379)
Catalyst Control Center InstallProxy (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Chinese Standard (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Chinese Traditional (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Czech (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Danish (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Dutch (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Finnish (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization French (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization German (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Greek (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Hungarian (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Italian (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Japanese (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Korean (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Norwegian (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Polish (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Portuguese (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Russian (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Spanish (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Swedish (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Thai (Version: 2008.1210.1623.29379)
Catalyst Control Center Localization Turkish (Version: 2008.1210.1623.29379)
CCC Help Chinese Standard (Version: 2008.1210.1622.29379)
CCC Help Chinese Traditional (Version: 2008.1210.1622.29379)
CCC Help Czech (Version: 2008.1210.1622.29379)
CCC Help Danish (Version: 2008.1210.1622.29379)
CCC Help Dutch (Version: 2008.1210.1622.29379)
CCC Help English (Version: 2008.1210.1622.29379)
CCC Help Finnish (Version: 2008.1210.1622.29379)
CCC Help French (Version: 2008.1210.1622.29379)
CCC Help German (Version: 2008.1210.1622.29379)
CCC Help Greek (Version: 2008.1210.1622.29379)
CCC Help Hungarian (Version: 2008.1210.1622.29379)
CCC Help Italian (Version: 2008.1210.1622.29379)
CCC Help Japanese (Version: 2008.1210.1622.29379)
CCC Help Korean (Version: 2008.1210.1622.29379)
CCC Help Norwegian (Version: 2008.1210.1622.29379)
CCC Help Polish (Version: 2008.1210.1622.29379)
CCC Help Portuguese (Version: 2008.1210.1622.29379)
CCC Help Russian (Version: 2008.1210.1622.29379)
CCC Help Spanish (Version: 2008.1210.1622.29379)
CCC Help Swedish (Version: 2008.1210.1622.29379)
CCC Help Thai (Version: 2008.1210.1622.29379)
CCC Help Turkish (Version: 2008.1210.1622.29379)
ccc-core-static (Version: 2008.1210.1623.29379)
ccc-utility (Version: 2008.1210.1623.29379)
Choice Guard (Version: 1.2.87.0)
Content Manager 2 (Version: 3.18.0.342250)
CyberLink PowerDirector (Version: 6.5.3023d)
Defraggler (Version: 2.10)
EPSON-Drucker-Software
ESET Online Scanner v3
eSobi v2 (Version: 2.0.3.000201)
HDAUDIO Soft Data Fax Modem with SmartCP
HiJackThis (Version: 1.0.0)
HijackThis 2.0.2 (Version: 2.0.2)
Java 8 Update 25 (Version: 8.0.250)
Java Auto Updater (Version: 2.8.25.18)
Junk Mail filter update (Version: 14.0.8050.1202)
Launch Manager
LightScribe  1.4.142.1 (Version: 1.4.142.1)
LOGO!Soft Comfort V7.0  (Version: 7.0.0.0)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938)
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8107.0)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.7.0205.0)
Microsoft Security Essentials (Version: 4.7.205.0)
Microsoft Silverlight (Version: 5.1.30514.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 08.05.0822)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
Mozilla Firefox 36.0.4 (x86 de) (Version: 36.0.4)
Mozilla Firefox 5.0.1 (x86 en-GB) (Version: 5.0.1)
Mozilla Maintenance Service (Version: 26.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Mystery Solitaire - Secret Island
Mythic Mahjong
Naviextras Toolbox Prerequesities (Version: 1.0.0)
Nero OEM
Nokia Connectivity Cable Driver (Version: 7.1.172.0)
Nuvoton EC Generic HID Driver (Version: 7.80.5000)
OpenOffice 4.1.1 (Version: 4.11.9775)
Orion (Version: 2.0.1)
PC Connectivity Solution (Version: 12.0.109.0)
PC Inspector smart recovery (Version: 4.50)
Print Server Support (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5704)
Realtek USB 2.0 Card Reader (Version: 3.0.1.3)
RegAlyzer (Version: 1.6.2.16)
Secunia PSI (3.0.0.3001) (Version: 3.0.0.3001)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (Version: 6.2.00)
Skins (Version: 2008.1210.1623.29379)
Spybot - Search & Destroy (Version: 2.4.40)
SUPERAntiSpyware (Version: 6.0.1158)
swMSM (Version: 12.0.0.1)
System Explorer 6.3.2
TomTom HOME (Version: 2.9.7)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2920794) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live Fotogalerie (Version: 14.0.8051.1204)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Writer (Version: 14.0.8050.1202)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
 

==================== Restore Points  =========================

06-04-2015 14:51:26 Windows Update
09-04-2015 18:56:57 Geplanter Prüfpunkt
10-04-2015 22:04:28 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2006-11-02 12:23 - 2012-10-07 15:12 - 00000098 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1B633EA0-B459-4C1F-81B4-6248065FF374} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1E646C92-3908-4263-9631-F3F9F306812E} - System32\Tasks\User_Feed_Synchronization-{F301875A-A68A-4528-8553-CDA8BF71143E} => C:\Windows\system32\msfeedssync.exe [2015-02-21] (Microsoft Corporation)
Task: {2444ED81-626D-4E17-AB7A-756B19F7398C} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3B7DA067-39EC-4C5C-8B24-9A4A4F61AAE0} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe [2015-01-30] (Microsoft Corporation)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {417DA6D0-EF46-4E3F-8373-17A4BD574666} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - peter => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {4F834927-E617-460C-BAE8-435401407DA3} - System32\Tasks\DriverScanner => C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe No File
Task: {5B1FDAE0-63DD-4DCE-B2C1-DC794A1FE545} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation)
Task: {7A976A87-1BF1-459F-A06E-A325C4E582DC} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe No File
Task: {9D21AC5D-5177-48E9-9FA0-0AA18A1CF529} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe [2014-11-24] (AVG Technologies)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {A6AD6A36-B2F4-40E3-8634-6EDE6154BC3F} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Standartkonto => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{F301875A-A68A-4528-8553-CDA8BF71143E}.job => C:\Windows\system32\msfeedssync.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/11/2015 03:13:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/11/2015 07:43:45 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung SystemExplorer.exe, Version 6.3.2.5317, Zeitstempel 0x54e2e6be, fehlerhaftes Modul kernel32.dll, Version 6.0.6002.19034, Zeitstempel 0x52f2ec86, Ausnahmecode 0xc0000005, Fehleroffset 0x000c057d,
Prozess-ID 0xcf4, Anwendungsstartzeit SystemExplorer.exe0.

Error: (04/11/2015 07:41:51 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/11/2015 07:12:19 AM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (04/11/2015 06:11:01 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/11/2015 03:36:48 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung SASCORE.EXE, Version 6.0.0.1080, Zeitstempel 0x53cef7fc, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0xc00000b0,
Prozess-ID 0x3ac, Anwendungsstartzeit SASCORE.EXE0.

Error: (04/11/2015 02:54:25 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/11/2015 02:34:38 AM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (04/11/2015 02:26:38 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: SA_Error1709: StandardAction(0xC00706AD): Produkt: AVG 2015 -- Fehler 997. Überlappender E/A-Vorgang wird verarbeitet.
(NULL)(NULL)(NULL)(NULL)

Error: (04/11/2015 01:26:25 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: SA_Error1709: StandardAction(0xC00706AD): Produkt: AVG 2015 -- Fehler 997. Überlappender E/A-Vorgang wird verarbeitet.
(NULL)(NULL)(NULL)(NULL)


System errors:
=============
Error: (04/11/2015 03:23:07 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 114.3.0.0

	Aktualisierungsquelle: %NT-AUTORITÄT51

	Aktualisierungsphase: 4.7.0205.00

	Quellpfad: 4.7.0205.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\NETZWERKDIENST

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (04/11/2015 03:23:07 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.195.1987.0

	Aktualisierungsquelle: %NT-AUTORITÄT51

	Aktualisierungsphase: 4.7.0205.00

	Quellpfad: 4.7.0205.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\NETZWERKDIENST

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (04/11/2015 03:23:07 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.195.1987.0

	Aktualisierungsquelle: %NT-AUTORITÄT51

	Aktualisierungsphase: 4.7.0205.00

	Quellpfad: 4.7.0205.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\NETZWERKDIENST

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (04/11/2015 03:23:06 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.195.1987.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.7.0205.00

	Quellpfad: 4.7.0205.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (04/11/2015 03:13:04 PM) (Source: Service Control Manager) (User: )
Description: Spybot-S&D 2 Scanner Service%%1053

Error: (04/11/2015 03:13:04 PM) (Source: Service Control Manager) (User: )
Description: 30000Spybot-S&D 2 Scanner Service

Error: (04/11/2015 03:13:04 PM) (Source: Service Control Manager) (User: )
Description: adfs%%2

Error: (04/11/2015 03:13:04 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (04/11/2015 03:12:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: C:\Windows\system32\RAIHV.dll126

Error: (04/11/2015 03:11:53 PM) (Source: volmgr) (User: )
Description: Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist fehlgeschlagen. Stellen
Sie sicher, dass eine Auslagerungsdatei auf der Startpartition vorhanden ist und dass diese
groß genug ist, um den gesamten physikalischen Speicher abbilden zu können.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2015-04-11 15:38:31.846
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-11 15:38:30.445
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-11 15:38:29.007
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-11 15:38:27.501
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-11 15:38:26.002
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-11 15:38:24.561
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-11 15:38:23.057
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-11 15:38:21.569
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-11 02:26:36.317
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG2015\Drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-11 02:26:34.344
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG2015\Drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 48%
Total physical RAM: 3065.93 MB
Available physical RAM: 1589.36 MB
Total Pagefile: 6565.18 MB
Available Pagefile: 4930.61 MB
Total Virtual: 2047.88 MB
Available Virtual: 1917.09 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:225.99 GB) (Free:141.49 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:226.03 GB) (Free:148.85 GB) NTFS
Drive f: (FlashPen) (Removable) (Total:0.47 GB) (Free:0.43 GB) FAT
Drive g: (06-12-12 4K) (Removable) (Total:7.9 GB) (Free:6.35 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 9DAD3428)
Partition 1: (Not Active) - (Size=11 GB) - (Type=27)
Partition 2: (Active) - (Size=226 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=226 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3 GB) - (Type=12)

========================================================
Disk: 1 (Size: 480 MB) (Disk ID: 181F2FA7)
Partition 1: (Active) - (Size=480 MB) - (Type=0E)

========================================================
Disk: 2 (Size: 8 GB) (Disk ID: 00AFBA73)
Partition 1: (Active) - (Size=8 GB) - (Type=0C)

==================== End Of Log ============================
--- --- ---


Ran by peter (administrator) on 11-04-2015 15:36:52 FRST.txt

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-07-2013 (ATTENTION: FRST version is 636 days old)
Ran by peter (administrator) on 11-04-2015 15:36:52
Running from C:\Users\Standartkonto\Desktop\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVG Technologies CZ, s.r.o.) c:\PROGRA~1\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() c:\Program Files\Cyberlink\Shared files\RichVideo.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [WinPatrol] - C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot [363752 2012-09-20] (BillP Studios)
HKLM\...\Run: [MSC] - "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [SDTray] - "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [*Restore] - C:\Windows\system32\rstrui.exe /RUNONCE [318464 2008-01-21] (Microsoft Corporation)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKCU\...\Run: [SystemExplorerAutoStart] - "C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY [3391200 2015-02-17] (Mister Group)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\Default\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-17] (Acer)
HKU\Default\...\RunOnce: [AcerScrSav] - C:\Windows\Acer\run_NB.exe [ 2007-08-21] ()
HKU\Default User\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-17] (Acer)
HKU\Default User\...\RunOnce: [AcerScrSav] - C:\Windows\Acer\run_NB.exe [ 2007-08-21] ()
IMEO\excel.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\framework.launcher.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\msoxmled.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\mstore.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\oaa.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\offdiag.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\ois.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\onenote.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\onenotem.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\powerpnt.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\pptview.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\psi.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\psi_tray.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\systemexplorer.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\tomtomhome.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\unins000.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\winword.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
Startup: C:\ProgramData\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Standartkonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Standartkonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Inhaltsverzeichnis.onetoc2 ()
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files\Internet Explorer\iexplore.exe"
HKLM SearchScopes: DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-08] (SuperAdBlocker.com)

FireFox:
========
FF ProfilePath: C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default
FF user.js: detected! => C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\user.js
FF Plugin: @java.com/DTPlugin,version=11.25.2 - C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 - C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Blur (Formerly DoNotTrackMe) - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\donottrackplus@abine.com
FF Extension: Clippings - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{91aa5abe-9de4-4347-b7b5-322c38dd9271}
FF Extension: WOT - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: FireFTP - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
FF Extension: copy-urls-expert - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\copy-urls-expert@kashiif-gmail.com.xpi
FF Extension: firefox - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\firefox@ghostery.com.xpi
FF Extension: jid1-F9UJ2thwoAm5gQ - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi
FF Extension: savedpasswordeditor - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\savedpasswordeditor@daniel.dawson.xpi
FF Extension: testpilot - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\testpilot@labs.mozilla.com.xpi
FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi
FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{6bdc61ae-7b80-44a3-9476-e1d121ec2238}.xpi
FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}.xpi
FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

Chrome: 
=======
CHR HomePage: 96BB5A8244BC882CF6CE0B72F915223CC965EA4C04057A5325CD6FC30CCAA982
CHR DefaultSearchURL: (E221A05549733197EBB7E336E892FC16EF3BAA6A064C78A7CD6622070B9165A2) - 918F0F1EDA7DAA078637E9A1D991B9365596639EE33A44E812F10A9018EDC941
CHR Extension: (Google Slides) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0
CHR Extension: (Google Docs) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0
CHR Extension: (Google Drive) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0
CHR Extension: (YouTube) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Sheets) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0
CHR Extension: (Google Wallet) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0
CHR Extension: (Gmail) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-23] (SUPERAntiSpyware.com)
S2 avgfws; C:\Program Files\AVG\AVG2015\avgfws.exe [1486664 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
S4 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [69632 2008-10-04] ()
S4 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-11-28] ()
S4 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
R2 RichVideo; c:\Program Files\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-09] ()
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S4 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1326176 2012-07-25] (Secunia)
S4 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [681056 2012-07-25] (Secunia)
S3 SystemExplorerHelpService; C:\Program Files\System Explorer\service\SystemExplorerService.exe [567008 2014-12-20] (Mister Group)
S4 TomTomHOMEService; D:\STRABAG TomTom Home 2\TomTomHOMEService.exe [93072 2013-08-27] (TomTom)
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2165560 2014-11-24] (AVG Technologies)

==================== Drivers (Whitelisted) ====================

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208152 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
R3 hidshim; C:\Windows\System32\DRIVERS\hidshim.sys [5632 2008-10-08] (Windows (R) Codename Longhorn DDK provider)
R2 int15; C:\Windows\system32\drivers\int15.sys [12832 2008-10-01] (Acer, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [137600 2013-01-23] (Nokia)
S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8576 2013-01-23] (Nokia)
R3 nuvotonhidgeneric; C:\Windows\System32\DRIVERS\nuvotonhidgeneric.sys [22528 2008-10-08] (Nuvoton Technology Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [150560 2008-08-26] (Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2014-11-24] (TuneUp Software)
S2 adfs; No ImagePath
S3 BIOSCHK; \??\C:\Users\peter\AppData\Local\Temp\TII200A.tmp\disk1\BIOSCHK.SYS [x]
S3 catchme; \??\C:\Users\peter\AppData\Local\Temp\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2015-04-11 07:09 - 2015-04-11 07:09 - 00032846 _____ C:\Users\peter\Documents\def Sa 20150411 C 6 S 5MB s vor FRST ultimo.txt
2015-04-11 06:20 - 2015-04-11 06:20 - 00000000 _____ C:\Windows\setuperr.log
2015-04-11 06:20 - 2015-04-11 06:20 - 00000000 _____ C:\Windows\setupact.log
2015-04-11 02:27 - 2015-04-11 02:27 - 00001379 _____ C:\Users\peter\Documents\checkup.txt
2015-04-11 02:08 - 2015-04-11 02:08 - 00000431 _____ C:\ÄZ'ÄD110415.txt
2015-04-10 20:23 - 2015-04-10 20:23 - 02347384 _____ (ESET) C:\Users\peter\Downloads\esetsmartinstaller_deu(1).exe
2015-04-10 20:23 - 2015-04-10 20:23 - 00000000 ____D C:\Program Files\ESET
2015-04-10 20:15 - 2015-04-10 20:15 - 02347384 _____ (ESET) C:\Users\peter\Downloads\esetsmartinstaller_deu.exe
2015-04-05 20:31 - 2015-04-05 20:31 - 00000771 _____ C:\Users\peter\Documents\JRT.txt
2015-04-05 20:30 - 2015-04-05 20:30 - 00000771 _____ C:\Users\peter\Desktop\JRT.txt
2015-04-05 20:24 - 2015-04-05 20:24 - 00000000 ____D C:\RegBackup
2015-04-05 15:59 - 2015-04-05 19:29 - 00000000 ____D C:\AdwCleaner
2015-04-05 15:12 - 2015-04-05 15:12 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 
2015-04-05 01:21 - 2015-04-05 01:21 - 00004202 _____ C:\Users\peter\Documents\def So 20150405 D 1 S 31 MB s.txt
2015-04-05 01:07 - 2015-04-05 01:08 - 00005132 _____ C:\Users\peter\Documents\def So 20150405 C 1 S 512 MB s virt Sp n verändert.txt
2015-04-05 00:33 - 2015-04-05 00:33 - 00012946 _____ C:\Users\peter\Documents\def Sa 20150404  zweite C 2 S  5 MB s nDatträgBereinig.txt
2015-04-04 23:49 - 2015-04-04 23:49 - 00004202 _____ C:\Users\peter\Documents\def Sa 20140404 D 1 S 30 MB s n Cbfix.txt
2015-04-04 23:32 - 2015-04-04 23:32 - 00048460 _____ C:\Users\peter\Documents\def Sa 20150404 C 5 S  2 MB s n Cbofix.txt
2015-04-03 19:04 - 2015-04-06 18:00 - 00000000 ____D C:\Users\peter\AppData\Local\temp(70)
2015-04-03 19:04 - 2015-04-03 19:04 - 00014162 _____ C:\ComboFix.txt
2015-04-03 19:04 - 2015-04-03 19:04 - 00000000 ____D C:\Users\Gast\AppData\Local\temp(67)
2015-04-03 14:29 - 2015-04-04 04:32 - 00000000 ____D C:\ComboFix
2015-04-02 13:52 - 2015-04-02 15:17 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-02 13:49 - 2015-04-10 04:13 - 00000000 ____D C:\Users\peter\Desktop\mbar
2015-04-01 23:34 - 2015-04-01 23:34 - 00025949 _____ C:\Users\Standartkonto\Desktop\Addition.txt
2015-04-01 23:30 - 2015-04-01 23:34 - 00032142 _____ C:\Users\Standartkonto\Desktop\FRST.txt
2015-03-31 22:04 - 2015-04-10 04:40 - 00000000 ____D C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnalogX
2015-03-31 22:04 - 2015-04-10 04:40 - 00000000 ____D C:\Program Files\AnalogX
2015-03-31 19:31 - 2015-03-31 19:31 - 00000000 __RSD C:\Users\Standartkonto\Documents\My Stationery
2015-03-30 18:37 - 2015-03-30 18:37 - 00000227 _____ C:\Users\peter\Documents\Sys Explor Mo 30 03 15 Progr nur Nr.txt
2015-03-30 10:12 - 2015-03-30 10:12 - 00004444 _____ C:\Users\peter\Documents\def Mo 20150330 D 1 S   15 MB s.txt
2015-03-30 10:11 - 2015-03-30 10:11 - 00027668 _____ C:\Users\peter\Documents\de Mo 20150330 C 5 S W Patrol neues Progr nur Nr.txt
2015-03-29 12:32 - 2015-03-29 12:32 - 00004444 _____ C:\Users\peter\Documents\def So 20150329  D 1 S 32 C 4  n Aal Angrif.txt
2015-03-29 12:17 - 2015-03-29 12:17 - 00017888 _____ C:\Users\peter\Documents\def So 20150329  C  31 S n Aal Angrif.txt
2015-03-28 15:31 - 2015-03-28 15:31 - 00004444 _____ C:\Users\peter\Documents\def Sa 20150328 D 1 S   30 MB s.txt
2015-03-28 15:28 - 2015-03-28 15:28 - 00004754 _____ C:\Users\peter\Documents\def Sa 20150328 C 1 S   42 MB s.txt
2015-03-27 18:15 - 2015-03-27 18:15 - 00004444 _____ C:\Users\peter\Documents\def Fr 20150327  D 1 SLö 2369 Junk Mails 32 MB s.txt
2015-03-27 18:12 - 2015-03-27 18:12 - 00022186 _____ C:\Users\peter\Documents\def Fr 20150327  C 4 SLö 2369 Junk Mails 6 MB s.txt
2015-03-27 18:11 - 2015-03-27 18:11 - 00022124 _____ C:\Users\peter\Documents\def Fr 20150327  C 4 SLö 2369 Junk Mails.txt
2015-03-26 21:32 - 2015-03-26 21:32 - 03209401 _____ C:\Users\peter\Desktop\TeamSpybot-20150326-203233.cab
2015-03-26 21:30 - 2015-03-26 21:30 - 03207307 _____ C:\Users\peter\Desktop\TeamSpybot-20150326-203014.cab
2015-03-24 07:43 - 2015-03-24 07:43 - 00027734 _____ C:\Users\peter\Documents\DEF Di 24 03 15 C 4 S 2 MB s vor Junk 3000 AVG löschj.txt
2015-03-22 23:13 - 2015-03-22 23:14 - 00000000 ____D C:\Users\peter\Documents\Z 2 Standart Kto Anfrage AVG Update
2015-03-22 21:47 - 2015-03-22 21:47 - 01919272 _____ (Mister Group                                                ) C:\Users\peter\Downloads\SystemExplorerSetup_640.exe
2015-03-22 17:53 - 2015-03-22 21:25 - 00000000 ____D C:\Users\peter\Documents\Z 1 Admin BKto Sichh BS
2015-03-21 19:52 - 2015-03-21 19:52 - 00001962 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-03-21 19:52 - 2015-03-21 19:52 - 00000644 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-03-21 19:52 - 2015-03-21 19:52 - 00000616 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2015-03-21 19:52 - 2015-03-21 19:52 - 00000446 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2015-03-21 19:52 - 2013-09-20 11:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2015-03-21 14:57 - 2015-03-21 14:57 - 00000000 ____D C:\Users\Gast\AppData\Roaming\AVG
2015-03-21 14:54 - 2015-03-21 14:54 - 00000000 ____D C:\Users\Gast\AppData\Roaming\AVG2015
2015-03-21 14:53 - 2015-03-21 19:48 - 00000000 ____D C:\Users\Gast\AppData\Local\Avg2015
2015-03-21 14:52 - 2015-03-21 14:52 - 00000000 ____D C:\Users\Gast\AppData\Local\Avg
2015-03-20 07:17 - 2015-01-29 03:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-20 07:16 - 2015-02-26 02:18 - 02064384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-20 07:16 - 2015-01-29 03:35 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-20 07:07 - 2015-02-20 04:03 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-20 07:07 - 2015-02-20 02:28 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-20 07:06 - 2015-02-26 04:01 - 03604408 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-03-20 07:06 - 2015-02-26 04:01 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-20 07:06 - 2015-01-21 04:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-20 07:06 - 2015-01-09 04:04 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-20 07:06 - 2015-01-09 02:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-20 07:03 - 2015-03-06 06:01 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-20 07:02 - 2014-10-13 03:12 - 02264064 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-20 07:01 - 2015-02-18 04:02 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-14 23:08 - 2015-03-14 23:08 - 00000008 _____ C:\Users\Standartkonto\Desktop\MSDOSnc.txt
2015-03-12 19:18 - 2008-01-21 04:42 - 00000230 _____ C:\Users\Standartkonto\Desktop\Control Panel - Kopie.lnk

==================== One Month Modified Files and Folders =======

2015-04-11 15:25 - 2014-12-15 00:49 - 00000000 ____D C:\ProgramData\MFAData
2015-04-11 15:23 - 2009-08-17 17:19 - 01632220 _____ C:\Windows\WindowsUpdate.log
2015-04-11 15:17 - 2006-11-02 12:33 - 01567460 _____ C:\Windows\system32\PerfStringBackup.INI
2015-04-11 15:12 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-04-11 15:12 - 2006-11-02 14:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-11 15:12 - 2006-11-02 14:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-11 15:09 - 2012-10-04 12:42 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-11 07:41 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\tracing
2015-04-11 07:09 - 2015-04-11 07:09 - 00032846 _____ C:\Users\peter\Documents\def Sa 20150411 C 6 S 5MB s vor FRST ultimo.txt
2015-04-11 06:20 - 2015-04-11 06:20 - 00000000 _____ C:\Windows\setuperr.log
2015-04-11 06:20 - 2015-04-11 06:20 - 00000000 _____ C:\Windows\setupact.log
2015-04-11 02:27 - 2015-04-11 02:27 - 00001379 _____ C:\Users\peter\Documents\checkup.txt
2015-04-11 02:20 - 2012-11-10 21:56 - 00000000 ___RD C:\Users\Standartkonto\Desktop\Desktop
2015-04-11 02:08 - 2015-04-11 02:08 - 00000431 _____ C:\ÄZ'ÄD110415.txt
2015-04-10 20:23 - 2015-04-10 20:23 - 02347384 _____ (ESET) C:\Users\peter\Downloads\esetsmartinstaller_deu(1).exe
2015-04-10 20:23 - 2015-04-10 20:23 - 00000000 ____D C:\Program Files\ESET
2015-04-10 20:15 - 2015-04-10 20:15 - 02347384 _____ (ESET) C:\Users\peter\Downloads\esetsmartinstaller_deu.exe
2015-04-10 19:38 - 2012-10-04 15:21 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-04-10 19:38 - 2011-03-10 21:16 - 00000850 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-10 04:41 - 2009-11-04 22:13 - 00000000 ____D C:\Users\Gast
2015-04-10 04:41 - 2009-11-04 21:31 - 00000000 ____D C:\Users\Standartkonto
2015-04-10 04:41 - 2009-09-08 20:41 - 00000000 ____D C:\Users\peter
2015-04-10 04:41 - 2006-11-02 12:22 - 53739520 _____ C:\Windows\system32\config\software_previous
2015-04-10 04:41 - 2006-11-02 12:22 - 37486592 _____ C:\Windows\system32\config\system_previous
2015-04-10 04:40 - 2015-03-31 22:04 - 00000000 ____D C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnalogX
2015-04-10 04:40 - 2015-03-31 22:04 - 00000000 ____D C:\Program Files\AnalogX
2015-04-10 04:40 - 2013-04-25 10:39 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-04-10 04:40 - 2012-12-01 10:13 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2015-04-10 04:40 - 2010-10-06 23:25 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-04-10 04:40 - 2009-11-07 18:56 - 00000000 ____D C:\ProgramData\FLEXnet
2015-04-10 04:40 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\spool
2015-04-10 04:40 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\Msdtc
2015-04-10 04:40 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2015-04-10 04:40 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\registration
2015-04-10 04:38 - 2009-08-17 17:26 - 00000000 ____D C:\Program Files\Convesoft
2015-04-10 04:33 - 2006-11-02 12:22 - 00094208 _____ C:\Windows\system32\config\sam_previous
2015-04-10 04:33 - 2006-11-02 12:22 - 00024576 _____ C:\Windows\system32\config\security_previous
2015-04-10 04:13 - 2015-04-02 13:49 - 00000000 ____D C:\Users\peter\Desktop\mbar
2015-04-06 19:44 - 2009-11-04 21:31 - 00000000 ___RD C:\Users\Standartkonto\Desktop
2015-04-06 18:00 - 2015-04-03 19:04 - 00000000 ____D C:\Users\peter\AppData\Local\temp(70)
2015-04-05 20:31 - 2015-04-05 20:31 - 00000771 _____ C:\Users\peter\Documents\JRT.txt
2015-04-05 20:30 - 2015-04-05 20:30 - 00000771 _____ C:\Users\peter\Desktop\JRT.txt
2015-04-05 20:30 - 2009-09-08 20:41 - 00000000 ___RD C:\Users\peter\Desktop
2015-04-05 20:24 - 2015-04-05 20:24 - 00000000 ____D C:\RegBackup
2015-04-05 19:52 - 2015-01-10 03:15 - 00003780 _____ C:\Windows\PFRO.log
2015-04-05 19:29 - 2015-04-05 15:59 - 00000000 ____D C:\AdwCleaner
2015-04-05 15:12 - 2015-04-05 15:12 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 
2015-04-05 15:12 - 2010-09-01 20:31 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-04-05 15:12 - 2006-11-02 15:02 - 00000000 __RHD C:\Users\Public\Desktop
2015-04-05 01:21 - 2015-04-05 01:21 - 00004202 _____ C:\Users\peter\Documents\def So 20150405 D 1 S 31 MB s.txt
2015-04-05 01:08 - 2015-04-05 01:07 - 00005132 _____ C:\Users\peter\Documents\def So 20150405 C 1 S 512 MB s virt Sp n verändert.txt
2015-04-05 00:33 - 2015-04-05 00:33 - 00012946 _____ C:\Users\peter\Documents\def Sa 20150404  zweite C 2 S  5 MB s nDatträgBereinig.txt
2015-04-04 23:49 - 2015-04-04 23:49 - 00004202 _____ C:\Users\peter\Documents\def Sa 20140404 D 1 S 30 MB s n Cbfix.txt
2015-04-04 23:32 - 2015-04-04 23:32 - 00048460 _____ C:\Users\peter\Documents\def Sa 20150404 C 5 S  2 MB s n Cbofix.txt
2015-04-04 04:32 - 2015-04-03 14:29 - 00000000 ____D C:\ComboFix
2015-04-03 19:04 - 2015-04-03 19:04 - 00014162 _____ C:\ComboFix.txt
2015-04-03 19:04 - 2015-04-03 19:04 - 00000000 ____D C:\Users\Gast\AppData\Local\temp(67)
2015-04-03 19:04 - 2013-07-24 05:25 - 00000000 ____D C:\Qoobox
2015-04-03 09:44 - 2010-04-05 14:16 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-04-02 15:17 - 2015-04-02 13:52 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-01 23:34 - 2015-04-01 23:34 - 00025949 _____ C:\Users\Standartkonto\Desktop\Addition.txt
2015-04-01 23:34 - 2015-04-01 23:30 - 00032142 _____ C:\Users\Standartkonto\Desktop\FRST.txt
2015-04-01 23:34 - 2013-07-15 03:14 - 00000000 ____D C:\FRST
2015-04-01 23:30 - 2006-11-02 12:22 - 46661632 _____ C:\Windows\system32\config\components_previous
2015-04-01 23:21 - 2006-11-02 12:22 - 05402624 _____ C:\Windows\system32\config\default_previous
2015-03-31 22:26 - 2009-09-27 13:06 - 00000000 ____D C:\Program Files\Adobe
2015-03-31 22:26 - 2009-01-22 20:28 - 00000000 ____D C:\ProgramData\Adobe
2015-03-31 22:26 - 2009-01-22 20:28 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-03-31 19:31 - 2015-03-31 19:31 - 00000000 __RSD C:\Users\Standartkonto\Documents\My Stationery
2015-03-30 18:37 - 2015-03-30 18:37 - 00000227 _____ C:\Users\peter\Documents\Sys Explor Mo 30 03 15 Progr nur Nr.txt
2015-03-30 10:12 - 2015-03-30 10:12 - 00004444 _____ C:\Users\peter\Documents\def Mo 20150330 D 1 S   15 MB s.txt
2015-03-30 10:11 - 2015-03-30 10:11 - 00027668 _____ C:\Users\peter\Documents\de Mo 20150330 C 5 S W Patrol neues Progr nur Nr.txt
2015-03-29 12:32 - 2015-03-29 12:32 - 00004444 _____ C:\Users\peter\Documents\def So 20150329  D 1 S 32 C 4  n Aal Angrif.txt
2015-03-29 12:17 - 2015-03-29 12:17 - 00017888 _____ C:\Users\peter\Documents\def So 20150329  C  31 S n Aal Angrif.txt
2015-03-28 15:31 - 2015-03-28 15:31 - 00004444 _____ C:\Users\peter\Documents\def Sa 20150328 D 1 S   30 MB s.txt
2015-03-28 15:28 - 2015-03-28 15:28 - 00004754 _____ C:\Users\peter\Documents\def Sa 20150328 C 1 S   42 MB s.txt
2015-03-28 09:43 - 2008-02-06 02:58 - 00000749 ___RH C:\Windows\WindowsShell.Manifest
2015-03-27 18:15 - 2015-03-27 18:15 - 00004444 _____ C:\Users\peter\Documents\def Fr 20150327  D 1 SLö 2369 Junk Mails 32 MB s.txt
2015-03-27 18:12 - 2015-03-27 18:12 - 00022186 _____ C:\Users\peter\Documents\def Fr 20150327  C 4 SLö 2369 Junk Mails 6 MB s.txt
2015-03-27 18:11 - 2015-03-27 18:11 - 00022124 _____ C:\Users\peter\Documents\def Fr 20150327  C 4 SLö 2369 Junk Mails.txt
2015-03-26 22:51 - 2009-09-20 11:54 - 00000000 ____D C:\Users\peter\AppData\Local\Adobe
2015-03-26 21:32 - 2015-03-26 21:32 - 03209401 _____ C:\Users\peter\Desktop\TeamSpybot-20150326-203233.cab
2015-03-26 21:30 - 2015-03-26 21:30 - 03207307 _____ C:\Users\peter\Desktop\TeamSpybot-20150326-203014.cab
2015-03-24 07:43 - 2015-03-24 07:43 - 00027734 _____ C:\Users\peter\Documents\DEF Di 24 03 15 C 4 S 2 MB s vor Junk 3000 AVG löschj.txt
2015-03-22 23:14 - 2015-03-22 23:13 - 00000000 ____D C:\Users\peter\Documents\Z 2 Standart Kto Anfrage AVG Update
2015-03-22 21:47 - 2015-03-22 21:47 - 01919272 _____ (Mister Group                                                ) C:\Users\peter\Downloads\SystemExplorerSetup_640.exe
2015-03-22 21:25 - 2015-03-22 17:53 - 00000000 ____D C:\Users\peter\Documents\Z 1 Admin BKto Sichh BS
2015-03-22 13:41 - 2009-09-08 20:42 - 00000000 ____D C:\Users\peter\AppData\Local\VirtualStore
2015-03-21 19:52 - 2015-03-21 19:52 - 00001962 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-03-21 19:52 - 2015-03-21 19:52 - 00000644 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-03-21 19:52 - 2015-03-21 19:52 - 00000616 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2015-03-21 19:52 - 2015-03-21 19:52 - 00000446 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2015-03-21 19:48 - 2015-03-21 14:53 - 00000000 ____D C:\Users\Gast\AppData\Local\Avg2015
2015-03-21 15:25 - 2009-11-04 22:13 - 00001832 _____ C:\Users\Gast\Desktop\Cyberlink PowerDirector.lnk
2015-03-21 14:57 - 2015-03-21 14:57 - 00000000 ____D C:\Users\Gast\AppData\Roaming\AVG
2015-03-21 14:54 - 2015-03-21 14:54 - 00000000 ____D C:\Users\Gast\AppData\Roaming\AVG2015
2015-03-21 14:54 - 2009-11-04 22:13 - 00078600 _____ C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-21 14:52 - 2015-03-21 14:52 - 00000000 ____D C:\Users\Gast\AppData\Local\Avg
2015-03-20 16:34 - 2006-11-02 14:47 - 02261216 _____ C:\Windows\system32\FNTCACHE.DAT
2015-03-20 07:17 - 2009-01-22 20:17 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-03-20 07:16 - 2013-07-23 16:22 - 00000000 ____D C:\Windows\system32\MRT
2015-03-20 07:08 - 2006-11-02 12:24 - 119837696 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-03-15 19:58 - 2014-03-04 12:05 - 00000000 ____D C:\Users\Standartkonto\Documents\A 2014 FP C gesamt
2015-03-14 23:08 - 2015-03-14 23:08 - 00000008 _____ C:\Users\Standartkonto\Desktop\MSDOSnc.txt

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2015-04-11 15:20

==================== End Of Log ============================
--- --- ---

--- --- ---

Alt 12.04.2015, 12:15   #15
petertroj
 
malware aal entfernen Antivir -Programme erkennen nichts - Standard

malware aal entfernen Antivir -Programme erkennen nichts


Ran by peter (administrator) on 11-04-2015 15:36:52 FRST_11-04-2015_15_41_03.txt

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-07-2013 (ATTENTION: FRST version is 636 days old)
Ran by peter (administrator) on 11-04-2015 15:36:52
Running from C:\Users\Standartkonto\Desktop\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVG Technologies CZ, s.r.o.) c:\PROGRA~1\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() c:\Program Files\Cyberlink\Shared files\RichVideo.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [WinPatrol] - C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot [363752 2012-09-20] (BillP Studios)
HKLM\...\Run: [MSC] - "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [SDTray] - "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [*Restore] - C:\Windows\system32\rstrui.exe /RUNONCE [318464 2008-01-21] (Microsoft Corporation)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKCU\...\Run: [SystemExplorerAutoStart] - "C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY [3391200 2015-02-17] (Mister Group)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\Default\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-17] (Acer)
HKU\Default\...\RunOnce: [AcerScrSav] - C:\Windows\Acer\run_NB.exe [ 2007-08-21] ()
HKU\Default User\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-17] (Acer)
HKU\Default User\...\RunOnce: [AcerScrSav] - C:\Windows\Acer\run_NB.exe [ 2007-08-21] ()
IMEO\excel.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\framework.launcher.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\msoxmled.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\mstore.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\oaa.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\offdiag.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\ois.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\onenote.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\onenotem.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\powerpnt.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\pptview.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\psi.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\psi_tray.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\systemexplorer.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\tomtomhome.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\unins000.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
IMEO\winword.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"
Startup: C:\ProgramData\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Standartkonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Standartkonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Inhaltsverzeichnis.onetoc2 ()
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files\Internet Explorer\iexplore.exe"
HKLM SearchScopes: DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = 
Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-08] (SuperAdBlocker.com)

FireFox:
========
FF ProfilePath: C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default
FF user.js: detected! => C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\user.js
FF Plugin: @java.com/DTPlugin,version=11.25.2 - C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 - C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Blur (Formerly DoNotTrackMe) - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\donottrackplus@abine.com
FF Extension: Clippings - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{91aa5abe-9de4-4347-b7b5-322c38dd9271}
FF Extension: WOT - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: FireFTP - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
FF Extension: copy-urls-expert - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\copy-urls-expert@kashiif-gmail.com.xpi
FF Extension: firefox - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\firefox@ghostery.com.xpi
FF Extension: jid1-F9UJ2thwoAm5gQ - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi
FF Extension: savedpasswordeditor - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\savedpasswordeditor@daniel.dawson.xpi
FF Extension: testpilot - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\testpilot@labs.mozilla.com.xpi
FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi
FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{6bdc61ae-7b80-44a3-9476-e1d121ec2238}.xpi
FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}.xpi
FF Extension: No Name - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\7k3nytxg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

Chrome: 
=======
CHR HomePage: 96BB5A8244BC882CF6CE0B72F915223CC965EA4C04057A5325CD6FC30CCAA982
CHR DefaultSearchURL: (E221A05549733197EBB7E336E892FC16EF3BAA6A064C78A7CD6622070B9165A2) - 918F0F1EDA7DAA078637E9A1D991B9365596639EE33A44E812F10A9018EDC941
CHR Extension: (Google Slides) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0
CHR Extension: (Google Docs) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0
CHR Extension: (Google Drive) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0
CHR Extension: (YouTube) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Sheets) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0
CHR Extension: (Google Wallet) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0
CHR Extension: (Gmail) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-23] (SUPERAntiSpyware.com)
S2 avgfws; C:\Program Files\AVG\AVG2015\avgfws.exe [1486664 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
S4 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [69632 2008-10-04] ()
S4 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-11-28] ()
S4 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
R2 RichVideo; c:\Program Files\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-09] ()
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S4 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1326176 2012-07-25] (Secunia)
S4 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [681056 2012-07-25] (Secunia)
S3 SystemExplorerHelpService; C:\Program Files\System Explorer\service\SystemExplorerService.exe [567008 2014-12-20] (Mister Group)
S4 TomTomHOMEService; D:\STRABAG TomTom Home 2\TomTomHOMEService.exe [93072 2013-08-27] (TomTom)
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2165560 2014-11-24] (AVG Technologies)

==================== Drivers (Whitelisted) ====================

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208152 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
R3 hidshim; C:\Windows\System32\DRIVERS\hidshim.sys [5632 2008-10-08] (Windows (R) Codename Longhorn DDK provider)
R2 int15; C:\Windows\system32\drivers\int15.sys [12832 2008-10-01] (Acer, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [137600 2013-01-23] (Nokia)
S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8576 2013-01-23] (Nokia)
R3 nuvotonhidgeneric; C:\Windows\System32\DRIVERS\nuvotonhidgeneric.sys [22528 2008-10-08] (Nuvoton Technology Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [150560 2008-08-26] (Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2014-11-24] (TuneUp Software)
S2 adfs; No ImagePath
S3 BIOSCHK; \??\C:\Users\peter\AppData\Local\Temp\TII200A.tmp\disk1\BIOSCHK.SYS [x]
S3 catchme; \??\C:\Users\peter\AppData\Local\Temp\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2015-04-11 07:09 - 2015-04-11 07:09 - 00032846 _____ C:\Users\peter\Documents\def Sa 20150411 C 6 S 5MB s vor FRST ultimo.txt
2015-04-11 06:20 - 2015-04-11 06:20 - 00000000 _____ C:\Windows\setuperr.log
2015-04-11 06:20 - 2015-04-11 06:20 - 00000000 _____ C:\Windows\setupact.log
2015-04-11 02:27 - 2015-04-11 02:27 - 00001379 _____ C:\Users\peter\Documents\checkup.txt
2015-04-11 02:08 - 2015-04-11 02:08 - 00000431 _____ C:\ÄZ'ÄD110415.txt
2015-04-10 20:23 - 2015-04-10 20:23 - 02347384 _____ (ESET) C:\Users\peter\Downloads\esetsmartinstaller_deu(1).exe
2015-04-10 20:23 - 2015-04-10 20:23 - 00000000 ____D C:\Program Files\ESET
2015-04-10 20:15 - 2015-04-10 20:15 - 02347384 _____ (ESET) C:\Users\peter\Downloads\esetsmartinstaller_deu.exe
2015-04-05 20:31 - 2015-04-05 20:31 - 00000771 _____ C:\Users\peter\Documents\JRT.txt
2015-04-05 20:30 - 2015-04-05 20:30 - 00000771 _____ C:\Users\peter\Desktop\JRT.txt
2015-04-05 20:24 - 2015-04-05 20:24 - 00000000 ____D C:\RegBackup
2015-04-05 15:59 - 2015-04-05 19:29 - 00000000 ____D C:\AdwCleaner
2015-04-05 15:12 - 2015-04-05 15:12 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 
2015-04-05 01:21 - 2015-04-05 01:21 - 00004202 _____ C:\Users\peter\Documents\def So 20150405 D 1 S 31 MB s.txt
2015-04-05 01:07 - 2015-04-05 01:08 - 00005132 _____ C:\Users\peter\Documents\def So 20150405 C 1 S 512 MB s virt Sp n verändert.txt
2015-04-05 00:33 - 2015-04-05 00:33 - 00012946 _____ C:\Users\peter\Documents\def Sa 20150404  zweite C 2 S  5 MB s nDatträgBereinig.txt
2015-04-04 23:49 - 2015-04-04 23:49 - 00004202 _____ C:\Users\peter\Documents\def Sa 20140404 D 1 S 30 MB s n Cbfix.txt
2015-04-04 23:32 - 2015-04-04 23:32 - 00048460 _____ C:\Users\peter\Documents\def Sa 20150404 C 5 S  2 MB s n Cbofix.txt
2015-04-03 19:04 - 2015-04-06 18:00 - 00000000 ____D C:\Users\peter\AppData\Local\temp(70)
2015-04-03 19:04 - 2015-04-03 19:04 - 00014162 _____ C:\ComboFix.txt
2015-04-03 19:04 - 2015-04-03 19:04 - 00000000 ____D C:\Users\Gast\AppData\Local\temp(67)
2015-04-03 14:29 - 2015-04-04 04:32 - 00000000 ____D C:\ComboFix
2015-04-02 13:52 - 2015-04-02 15:17 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-02 13:49 - 2015-04-10 04:13 - 00000000 ____D C:\Users\peter\Desktop\mbar
2015-04-01 23:34 - 2015-04-01 23:34 - 00025949 _____ C:\Users\Standartkonto\Desktop\Addition.txt
2015-04-01 23:30 - 2015-04-01 23:34 - 00032142 _____ C:\Users\Standartkonto\Desktop\FRST.txt
2015-03-31 22:04 - 2015-04-10 04:40 - 00000000 ____D C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnalogX
2015-03-31 22:04 - 2015-04-10 04:40 - 00000000 ____D C:\Program Files\AnalogX
2015-03-31 19:31 - 2015-03-31 19:31 - 00000000 __RSD C:\Users\Standartkonto\Documents\My Stationery
2015-03-30 18:37 - 2015-03-30 18:37 - 00000227 _____ C:\Users\peter\Documents\Sys Explor Mo 30 03 15 Progr nur Nr.txt
2015-03-30 10:12 - 2015-03-30 10:12 - 00004444 _____ C:\Users\peter\Documents\def Mo 20150330 D 1 S   15 MB s.txt
2015-03-30 10:11 - 2015-03-30 10:11 - 00027668 _____ C:\Users\peter\Documents\de Mo 20150330 C 5 S W Patrol neues Progr nur Nr.txt
2015-03-29 12:32 - 2015-03-29 12:32 - 00004444 _____ C:\Users\peter\Documents\def So 20150329  D 1 S 32 C 4  n Aal Angrif.txt
2015-03-29 12:17 - 2015-03-29 12:17 - 00017888 _____ C:\Users\peter\Documents\def So 20150329  C  31 S n Aal Angrif.txt
2015-03-28 15:31 - 2015-03-28 15:31 - 00004444 _____ C:\Users\peter\Documents\def Sa 20150328 D 1 S   30 MB s.txt
2015-03-28 15:28 - 2015-03-28 15:28 - 00004754 _____ C:\Users\peter\Documents\def Sa 20150328 C 1 S   42 MB s.txt
2015-03-27 18:15 - 2015-03-27 18:15 - 00004444 _____ C:\Users\peter\Documents\def Fr 20150327  D 1 SLö 2369 Junk Mails 32 MB s.txt
2015-03-27 18:12 - 2015-03-27 18:12 - 00022186 _____ C:\Users\peter\Documents\def Fr 20150327  C 4 SLö 2369 Junk Mails 6 MB s.txt
2015-03-27 18:11 - 2015-03-27 18:11 - 00022124 _____ C:\Users\peter\Documents\def Fr 20150327  C 4 SLö 2369 Junk Mails.txt
2015-03-26 21:32 - 2015-03-26 21:32 - 03209401 _____ C:\Users\peter\Desktop\TeamSpybot-20150326-203233.cab
2015-03-26 21:30 - 2015-03-26 21:30 - 03207307 _____ C:\Users\peter\Desktop\TeamSpybot-20150326-203014.cab
2015-03-24 07:43 - 2015-03-24 07:43 - 00027734 _____ C:\Users\peter\Documents\DEF Di 24 03 15 C 4 S 2 MB s vor Junk 3000 AVG löschj.txt
2015-03-22 23:13 - 2015-03-22 23:14 - 00000000 ____D C:\Users\peter\Documents\Z 2 Standart Kto Anfrage AVG Update
2015-03-22 21:47 - 2015-03-22 21:47 - 01919272 _____ (Mister Group                                                ) C:\Users\peter\Downloads\SystemExplorerSetup_640.exe
2015-03-22 17:53 - 2015-03-22 21:25 - 00000000 ____D C:\Users\peter\Documents\Z 1 Admin BKto Sichh BS
2015-03-21 19:52 - 2015-03-21 19:52 - 00001962 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-03-21 19:52 - 2015-03-21 19:52 - 00000644 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-03-21 19:52 - 2015-03-21 19:52 - 00000616 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2015-03-21 19:52 - 2015-03-21 19:52 - 00000446 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2015-03-21 19:52 - 2013-09-20 11:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2015-03-21 14:57 - 2015-03-21 14:57 - 00000000 ____D C:\Users\Gast\AppData\Roaming\AVG
2015-03-21 14:54 - 2015-03-21 14:54 - 00000000 ____D C:\Users\Gast\AppData\Roaming\AVG2015
2015-03-21 14:53 - 2015-03-21 19:48 - 00000000 ____D C:\Users\Gast\AppData\Local\Avg2015
2015-03-21 14:52 - 2015-03-21 14:52 - 00000000 ____D C:\Users\Gast\AppData\Local\Avg
2015-03-20 07:17 - 2015-01-29 03:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-20 07:16 - 2015-02-26 02:18 - 02064384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-20 07:16 - 2015-01-29 03:35 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-20 07:07 - 2015-02-20 04:03 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-20 07:07 - 2015-02-20 02:28 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-20 07:06 - 2015-02-26 04:01 - 03604408 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-03-20 07:06 - 2015-02-26 04:01 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-20 07:06 - 2015-01-21 04:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-20 07:06 - 2015-01-09 04:04 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-20 07:06 - 2015-01-09 02:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-20 07:03 - 2015-03-06 06:01 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-20 07:02 - 2014-10-13 03:12 - 02264064 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-20 07:01 - 2015-02-18 04:02 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-14 23:08 - 2015-03-14 23:08 - 00000008 _____ C:\Users\Standartkonto\Desktop\MSDOSnc.txt
2015-03-12 19:18 - 2008-01-21 04:42 - 00000230 _____ C:\Users\Standartkonto\Desktop\Control Panel - Kopie.lnk

==================== One Month Modified Files and Folders =======

2015-04-11 15:25 - 2014-12-15 00:49 - 00000000 ____D C:\ProgramData\MFAData
2015-04-11 15:23 - 2009-08-17 17:19 - 01632220 _____ C:\Windows\WindowsUpdate.log
2015-04-11 15:17 - 2006-11-02 12:33 - 01567460 _____ C:\Windows\system32\PerfStringBackup.INI
2015-04-11 15:12 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-04-11 15:12 - 2006-11-02 14:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-11 15:12 - 2006-11-02 14:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-11 15:09 - 2012-10-04 12:42 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-11 07:41 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\tracing
2015-04-11 07:09 - 2015-04-11 07:09 - 00032846 _____ C:\Users\peter\Documents\def Sa 20150411 C 6 S 5MB s vor FRST ultimo.txt
2015-04-11 06:20 - 2015-04-11 06:20 - 00000000 _____ C:\Windows\setuperr.log
2015-04-11 06:20 - 2015-04-11 06:20 - 00000000 _____ C:\Windows\setupact.log
2015-04-11 02:27 - 2015-04-11 02:27 - 00001379 _____ C:\Users\peter\Documents\checkup.txt
2015-04-11 02:20 - 2012-11-10 21:56 - 00000000 ___RD C:\Users\Standartkonto\Desktop\Desktop
2015-04-11 02:08 - 2015-04-11 02:08 - 00000431 _____ C:\ÄZ'ÄD110415.txt
2015-04-10 20:23 - 2015-04-10 20:23 - 02347384 _____ (ESET) C:\Users\peter\Downloads\esetsmartinstaller_deu(1).exe
2015-04-10 20:23 - 2015-04-10 20:23 - 00000000 ____D C:\Program Files\ESET
2015-04-10 20:15 - 2015-04-10 20:15 - 02347384 _____ (ESET) C:\Users\peter\Downloads\esetsmartinstaller_deu.exe
2015-04-10 19:38 - 2012-10-04 15:21 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-04-10 19:38 - 2011-03-10 21:16 - 00000850 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-10 04:41 - 2009-11-04 22:13 - 00000000 ____D C:\Users\Gast
2015-04-10 04:41 - 2009-11-04 21:31 - 00000000 ____D C:\Users\Standartkonto
2015-04-10 04:41 - 2009-09-08 20:41 - 00000000 ____D C:\Users\peter
2015-04-10 04:41 - 2006-11-02 12:22 - 53739520 _____ C:\Windows\system32\config\software_previous
2015-04-10 04:41 - 2006-11-02 12:22 - 37486592 _____ C:\Windows\system32\config\system_previous
2015-04-10 04:40 - 2015-03-31 22:04 - 00000000 ____D C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnalogX
2015-04-10 04:40 - 2015-03-31 22:04 - 00000000 ____D C:\Program Files\AnalogX
2015-04-10 04:40 - 2013-04-25 10:39 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-04-10 04:40 - 2012-12-01 10:13 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2015-04-10 04:40 - 2010-10-06 23:25 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-04-10 04:40 - 2009-11-07 18:56 - 00000000 ____D C:\ProgramData\FLEXnet
2015-04-10 04:40 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\spool
2015-04-10 04:40 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\Msdtc
2015-04-10 04:40 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2015-04-10 04:40 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\registration
2015-04-10 04:38 - 2009-08-17 17:26 - 00000000 ____D C:\Program Files\Convesoft
2015-04-10 04:33 - 2006-11-02 12:22 - 00094208 _____ C:\Windows\system32\config\sam_previous
2015-04-10 04:33 - 2006-11-02 12:22 - 00024576 _____ C:\Windows\system32\config\security_previous
2015-04-10 04:13 - 2015-04-02 13:49 - 00000000 ____D C:\Users\peter\Desktop\mbar
2015-04-06 19:44 - 2009-11-04 21:31 - 00000000 ___RD C:\Users\Standartkonto\Desktop
2015-04-06 18:00 - 2015-04-03 19:04 - 00000000 ____D C:\Users\peter\AppData\Local\temp(70)
2015-04-05 20:31 - 2015-04-05 20:31 - 00000771 _____ C:\Users\peter\Documents\JRT.txt
2015-04-05 20:30 - 2015-04-05 20:30 - 00000771 _____ C:\Users\peter\Desktop\JRT.txt
2015-04-05 20:30 - 2009-09-08 20:41 - 00000000 ___RD C:\Users\peter\Desktop
2015-04-05 20:24 - 2015-04-05 20:24 - 00000000 ____D C:\RegBackup
2015-04-05 19:52 - 2015-01-10 03:15 - 00003780 _____ C:\Windows\PFRO.log
2015-04-05 19:29 - 2015-04-05 15:59 - 00000000 ____D C:\AdwCleaner
2015-04-05 15:12 - 2015-04-05 15:12 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 
2015-04-05 15:12 - 2010-09-01 20:31 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-04-05 15:12 - 2006-11-02 15:02 - 00000000 __RHD C:\Users\Public\Desktop
2015-04-05 01:21 - 2015-04-05 01:21 - 00004202 _____ C:\Users\peter\Documents\def So 20150405 D 1 S 31 MB s.txt
2015-04-05 01:08 - 2015-04-05 01:07 - 00005132 _____ C:\Users\peter\Documents\def So 20150405 C 1 S 512 MB s virt Sp n verändert.txt
2015-04-05 00:33 - 2015-04-05 00:33 - 00012946 _____ C:\Users\peter\Documents\def Sa 20150404  zweite C 2 S  5 MB s nDatträgBereinig.txt
2015-04-04 23:49 - 2015-04-04 23:49 - 00004202 _____ C:\Users\peter\Documents\def Sa 20140404 D 1 S 30 MB s n Cbfix.txt
2015-04-04 23:32 - 2015-04-04 23:32 - 00048460 _____ C:\Users\peter\Documents\def Sa 20150404 C 5 S  2 MB s n Cbofix.txt
2015-04-04 04:32 - 2015-04-03 14:29 - 00000000 ____D C:\ComboFix
2015-04-03 19:04 - 2015-04-03 19:04 - 00014162 _____ C:\ComboFix.txt
2015-04-03 19:04 - 2015-04-03 19:04 - 00000000 ____D C:\Users\Gast\AppData\Local\temp(67)
2015-04-03 19:04 - 2013-07-24 05:25 - 00000000 ____D C:\Qoobox
2015-04-03 09:44 - 2010-04-05 14:16 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-04-02 15:17 - 2015-04-02 13:52 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-01 23:34 - 2015-04-01 23:34 - 00025949 _____ C:\Users\Standartkonto\Desktop\Addition.txt
2015-04-01 23:34 - 2015-04-01 23:30 - 00032142 _____ C:\Users\Standartkonto\Desktop\FRST.txt
2015-04-01 23:34 - 2013-07-15 03:14 - 00000000 ____D C:\FRST
2015-04-01 23:30 - 2006-11-02 12:22 - 46661632 _____ C:\Windows\system32\config\components_previous
2015-04-01 23:21 - 2006-11-02 12:22 - 05402624 _____ C:\Windows\system32\config\default_previous
2015-03-31 22:26 - 2009-09-27 13:06 - 00000000 ____D C:\Program Files\Adobe
2015-03-31 22:26 - 2009-01-22 20:28 - 00000000 ____D C:\ProgramData\Adobe
2015-03-31 22:26 - 2009-01-22 20:28 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-03-31 19:31 - 2015-03-31 19:31 - 00000000 __RSD C:\Users\Standartkonto\Documents\My Stationery
2015-03-30 18:37 - 2015-03-30 18:37 - 00000227 _____ C:\Users\peter\Documents\Sys Explor Mo 30 03 15 Progr nur Nr.txt
2015-03-30 10:12 - 2015-03-30 10:12 - 00004444 _____ C:\Users\peter\Documents\def Mo 20150330 D 1 S   15 MB s.txt
2015-03-30 10:11 - 2015-03-30 10:11 - 00027668 _____ C:\Users\peter\Documents\de Mo 20150330 C 5 S W Patrol neues Progr nur Nr.txt
2015-03-29 12:32 - 2015-03-29 12:32 - 00004444 _____ C:\Users\peter\Documents\def So 20150329  D 1 S 32 C 4  n Aal Angrif.txt
2015-03-29 12:17 - 2015-03-29 12:17 - 00017888 _____ C:\Users\peter\Documents\def So 20150329  C  31 S n Aal Angrif.txt
2015-03-28 15:31 - 2015-03-28 15:31 - 00004444 _____ C:\Users\peter\Documents\def Sa 20150328 D 1 S   30 MB s.txt
2015-03-28 15:28 - 2015-03-28 15:28 - 00004754 _____ C:\Users\peter\Documents\def Sa 20150328 C 1 S   42 MB s.txt
2015-03-28 09:43 - 2008-02-06 02:58 - 00000749 ___RH C:\Windows\WindowsShell.Manifest
2015-03-27 18:15 - 2015-03-27 18:15 - 00004444 _____ C:\Users\peter\Documents\def Fr 20150327  D 1 SLö 2369 Junk Mails 32 MB s.txt
2015-03-27 18:12 - 2015-03-27 18:12 - 00022186 _____ C:\Users\peter\Documents\def Fr 20150327  C 4 SLö 2369 Junk Mails 6 MB s.txt
2015-03-27 18:11 - 2015-03-27 18:11 - 00022124 _____ C:\Users\peter\Documents\def Fr 20150327  C 4 SLö 2369 Junk Mails.txt
2015-03-26 22:51 - 2009-09-20 11:54 - 00000000 ____D C:\Users\peter\AppData\Local\Adobe
2015-03-26 21:32 - 2015-03-26 21:32 - 03209401 _____ C:\Users\peter\Desktop\TeamSpybot-20150326-203233.cab
2015-03-26 21:30 - 2015-03-26 21:30 - 03207307 _____ C:\Users\peter\Desktop\TeamSpybot-20150326-203014.cab
2015-03-24 07:43 - 2015-03-24 07:43 - 00027734 _____ C:\Users\peter\Documents\DEF Di 24 03 15 C 4 S 2 MB s vor Junk 3000 AVG löschj.txt
2015-03-22 23:14 - 2015-03-22 23:13 - 00000000 ____D C:\Users\peter\Documents\Z 2 Standart Kto Anfrage AVG Update
2015-03-22 21:47 - 2015-03-22 21:47 - 01919272 _____ (Mister Group                                                ) C:\Users\peter\Downloads\SystemExplorerSetup_640.exe
2015-03-22 21:25 - 2015-03-22 17:53 - 00000000 ____D C:\Users\peter\Documents\Z 1 Admin BKto Sichh BS
2015-03-22 13:41 - 2009-09-08 20:42 - 00000000 ____D C:\Users\peter\AppData\Local\VirtualStore
2015-03-21 19:52 - 2015-03-21 19:52 - 00001962 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-03-21 19:52 - 2015-03-21 19:52 - 00000644 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-03-21 19:52 - 2015-03-21 19:52 - 00000616 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2015-03-21 19:52 - 2015-03-21 19:52 - 00000446 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2015-03-21 19:48 - 2015-03-21 14:53 - 00000000 ____D C:\Users\Gast\AppData\Local\Avg2015
2015-03-21 15:25 - 2009-11-04 22:13 - 00001832 _____ C:\Users\Gast\Desktop\Cyberlink PowerDirector.lnk
2015-03-21 14:57 - 2015-03-21 14:57 - 00000000 ____D C:\Users\Gast\AppData\Roaming\AVG
2015-03-21 14:54 - 2015-03-21 14:54 - 00000000 ____D C:\Users\Gast\AppData\Roaming\AVG2015
2015-03-21 14:54 - 2009-11-04 22:13 - 00078600 _____ C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-21 14:52 - 2015-03-21 14:52 - 00000000 ____D C:\Users\Gast\AppData\Local\Avg
2015-03-20 16:34 - 2006-11-02 14:47 - 02261216 _____ C:\Windows\system32\FNTCACHE.DAT
2015-03-20 07:17 - 2009-01-22 20:17 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-03-20 07:16 - 2013-07-23 16:22 - 00000000 ____D C:\Windows\system32\MRT
2015-03-20 07:08 - 2006-11-02 12:24 - 119837696 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-03-15 19:58 - 2014-03-04 12:05 - 00000000 ____D C:\Users\Standartkonto\Documents\A 2014 FP C gesamt
2015-03-14 23:08 - 2015-03-14 23:08 - 00000008 _____ C:\Users\Standartkonto\Desktop\MSDOSnc.txt

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2015-04-11 15:20

==================== End Of Log ============================
--- --- ---

11.04.15 02.27 h security-check checkup.txt
Code:
ATTFilter
 Results of screen317's Security Check version 1.00  
 Windows Vista Service Pack 2 x86 (UAC is enabled)  
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
AVG Internet Security 2015      
Microsoft Security Essentials   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Out of date HijackThis  installed! 
 Spybot - Search & Destroy 
 SUPERAntiSpyware     
 Secunia PSI (3.0.0.3001)   
 HijackThis 2.0.2    
 AVG PC TuneUp 2015  
 AVG PC TuneUp 2015 (de-DE) 
 AVG PC TuneUp 2015  
 Java 8 Update 25  
 Java version 32-bit out of Date! 
  Adobe Flash Player 	15.0.0.246 Flash Player out of Date!  
 Mozilla Firefox (5.0.1) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 WinPatrol winpatrol.exe 
 Spybot Teatimer.exe is disabled! 
 AVG avgwdsvc.exe 
 AVG avgrsx.exe 
 AVG avgnsx.exe 
 AVG avgemc.exe 
 BillP Studios WinPatrol WinPatrol.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
11.04.15 09.41 h SuD Cleaning log 150411-082924.xml.cleaning
Code:
ATTFilter
[i]	15-04-11 09:41:53		
[i]	15-04-11 09:41:53	Product	MS Management Console
[+]	15-04-11 09:41:53	Moving into quarantine	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Microsoft Management Console\Recent File List
[+]	15-04-11 09:41:53	Successfully cleaned	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Microsoft Management Console\Recent File List
[i]	15-04-11 09:41:53		
[i]	15-04-11 09:41:53	Product	MS Direct3D
[+]	15-04-11 09:41:53	Moving into quarantine	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+]	15-04-11 09:41:53	Moving into quarantine	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+]	15-04-11 09:41:53	Successfully cleaned	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name
[+]	15-04-11 09:41:53	Successfully cleaned	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Direct3D\MostRecentApplication\Name
[i]	15-04-11 09:41:53		
[i]	15-04-11 09:41:53	Product	MS DirectInput
[+]	15-04-11 09:41:53	Moving into quarantine	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name
[+]	15-04-11 09:41:53	Moving into quarantine	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-501\Software\Microsoft\DirectInput\MostRecentApplication\Name
[+]	15-04-11 09:41:53	Moving into quarantine	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id
[+]	15-04-11 09:41:53	Moving into quarantine	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-501\Software\Microsoft\DirectInput\MostRecentApplication\Id
[+]	15-04-11 09:41:53	Successfully cleaned	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name
[+]	15-04-11 09:41:53	Successfully cleaned	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-501\Software\Microsoft\DirectInput\MostRecentApplication\Name
[+]	15-04-11 09:41:53	Successfully cleaned	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id
[+]	15-04-11 09:41:53	Successfully cleaned	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-501\Software\Microsoft\DirectInput\MostRecentApplication\Id
[i]	15-04-11 09:41:53		
[i]	15-04-11 09:41:53	Product	MS Paint
[+]	15-04-11 09:41:53	Moving into quarantine	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
[+]	15-04-11 09:41:53	Successfully cleaned	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
[i]	15-04-11 09:41:53		
[i]	15-04-11 09:41:53	Product	MS Wordpad
[+]	15-04-11 09:41:53	Moving into quarantine	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List
[+]	15-04-11 09:41:53	Successfully cleaned	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List
[i]	15-04-11 09:41:53		
[i]	15-04-11 09:41:53	Product	Windows Explorer
[+]	15-04-11 09:41:53	Moving into quarantine	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count
[+]	15-04-11 09:41:53	Moving into quarantine	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
[+]	15-04-11 09:41:53	Moving into quarantine	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[+]	15-04-11 09:41:53	Successfully cleaned	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count
[+]	15-04-11 09:41:53	Successfully cleaned	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
[+]	15-04-11 09:41:53	Successfully cleaned	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[i]	15-04-11 09:41:53		
[i]	15-04-11 09:41:53	Product	Windows Media SDK
[+]	15-04-11 09:41:53	Moving into quarantine	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	15-04-11 09:41:53	Moving into quarantine	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	15-04-11 09:41:53	Moving into quarantine	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	15-04-11 09:41:53	Moving into quarantine	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	15-04-11 09:41:53	Moving into quarantine	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	15-04-11 09:41:53	Moving into quarantine	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	15-04-11 09:41:53	Successfully cleaned	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	15-04-11 09:41:53	Successfully cleaned	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+]	15-04-11 09:41:53	Successfully cleaned	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	15-04-11 09:41:53	Successfully cleaned	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+]	15-04-11 09:41:53	Successfully cleaned	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+]	15-04-11 09:41:53	Successfully cleaned	HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[i]	15-04-11 09:41:53		
[i]	15-04-11 09:41:53	Product	Cookie
[+]	15-04-11 09:41:53	Moving into quarantine	Internet Explorer (User) (Standartkonto)Cookies
[+]	15-04-11 09:41:53	Successfully cleaned	Internet Explorer (User) (Standartkonto)Cookies
[i]	15-04-11 09:41:53		
[i]	15-04-11 09:41:53	Product	History
[+]	15-04-11 09:41:53	Moving into quarantine	Internet Explorer (User) (Standartkonto)History
[+]	15-04-11 09:41:54	Successfully cleaned	Internet Explorer (User) (Standartkonto)History
[i]	15-04-11 09:41:54		
[i]	15-04-11 09:41:54	Summary	
[i]	15-04-11 09:41:54	Errors while cleaning	0
[i]	15-04-11 09:41:54	Files moved into quarantine	20
[i]	15-04-11 09:41:54	Files successfully cleaned	20
11.04.15 08.53 h SuD Checks.150411-0853.txt
Code:
ATTFilter
Search results from Spybot - Search & Destroy

11.04.2015 08:53:09
Scan took 00:23:44.
20 items found.

MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Microsoft Management Console\Recent File List

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name

MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-501\Software\Microsoft\DirectInput\MostRecentApplication\Name

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-501\Software\Microsoft\DirectInput\MostRecentApplication\Id

MS Paint: [SBI $07867C39] Recent file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List

MS Wordpad: [SBI $4C02334D] Recent file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-1765665137-1713434591-3169019743-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Cookie: [SBI $49804B54] Browser: Cookie (4) (Browser: Cookie, nothing done)
  

History: [SBI $49804B54] Browser: History (86) (Browser: History, nothing done)
  


--- Spybot - Search & Destroy version: 2.4.40.131  DLL (build: 20140425) ---

2014-06-24 blindman.exe (2.4.40.151)
2014-06-24 explorer.exe (2.4.40.181)
2014-06-24 SDBootCD.exe (2.4.40.109)
2014-06-24 SDCleaner.exe (2.4.40.110)
2014-06-24 SDDelFile.exe (2.4.40.94)
2013-06-18 SDDisableProxy.exe
2014-06-24 SDFiles.exe (2.4.40.135)
2014-06-24 SDFileScanHelper.exe (2.4.40.1)
2014-06-24 SDFSSvc.exe (2.4.40.217)
2014-06-24 SDHelp.exe (2.4.40.1)
2014-04-25 SDHookHelper.exe (2.3.39.2)
2014-04-25 SDHookInst32.exe (2.3.39.2)
2014-06-24 SDImmunize.exe (2.4.40.130)
2014-06-24 SDLogReport.exe (2.4.40.107)
2014-06-24 SDOnAccess.exe (2.4.40.11)
2014-06-24 SDPESetup.exe (2.4.40.3)
2014-06-24 SDPEStart.exe (2.4.40.86)
2014-06-24 SDPhoneScan.exe (2.4.40.28)
2014-06-24 SDPRE.exe (2.4.40.22)
2014-06-24 SDPrepPos.exe (2.4.40.15)
2014-06-24 SDQuarantine.exe (2.4.40.103)
2014-06-24 SDRootAlyzer.exe (2.4.40.116)
2014-06-24 SDSBIEdit.exe (2.4.40.39)
2014-06-24 SDScan.exe (2.4.40.181)
2014-06-24 SDScript.exe (2.4.40.54)
2014-06-24 SDSettings.exe (2.4.40.139)
2014-06-24 SDShell.exe (2.4.40.2)
2014-06-24 SDShred.exe (2.4.40.108)
2014-06-24 SDSysRepair.exe (2.4.40.102)
2014-06-24 SDTools.exe (2.4.40.157)
2014-06-24 SDTray.exe (2.4.40.129)
2014-06-27 SDUpdate.exe (2.4.40.94)
2014-06-27 SDUpdSvc.exe (2.4.40.77)
2014-06-24 SDWelcome.exe (2.4.40.130)
2014-04-25 SDWSCSvc.exe (2.3.39.2)
2014-05-20 spybotsd2-install-bdcore-update.exe (2.3.39.0)
2014-07-31 spybotsd2-translation-esx.exe
2013-06-19 spybotsd2-translation-frx.exe
2014-08-25 spybotsd2-translation-hux2.exe
2014-10-01 spybotsd2-translation-nlx2.exe
2014-11-05 spybotsd2-translation-ukx.exe
2015-03-21 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2014-04-25 NotificationSpreader.dll
2014-06-24 SDAdvancedCheckLibrary.dll (2.4.40.98)
2014-04-25 SDAV.dll
2014-06-24 SDECon32.dll (2.4.40.114)
2014-06-24 SDEvents.dll (2.4.40.2)
2014-06-24 SDFileScanLibrary.dll (2.4.40.14)
2014-04-25 SDHook32.dll (2.3.39.2)
2014-06-24 SDImmunizeLibrary.dll (2.4.40.2)
2014-06-24 SDLicense.dll (2.4.40.0)
2014-06-24 SDLists.dll (2.4.40.4)
2014-06-24 SDResources.dll (2.4.40.7)
2014-06-24 SDScanLibrary.dll (2.4.40.131)
2014-06-24 SDTasks.dll (2.4.40.15)
2014-06-24 SDWinLogon.dll (2.4.40.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2014-06-24 Tools.dll (2.4.40.36)
2014-03-05 Includes\Adware-000.sbi (*)
2015-02-27 Includes\Adware-001.sbi (*)
2015-03-31 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2014-11-14 Includes\Dialer-000.sbi (*)
2014-11-14 Includes\Dialer-001.sbi (*)
2014-01-08 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2014-01-09 Includes\Fraud-000.sbi (*)
2014-01-09 Includes\Fraud-001.sbi (*)
2014-03-31 Includes\Fraud-002.sbi (*)
2014-01-09 Includes\Fraud-003.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-11-14 Includes\Hijackers-000.sbi (*)
2014-11-14 Includes\Hijackers-001.sbi (*)
2014-01-08 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2014-11-14 Includes\Keyloggers-000.sbi (*)
2014-09-24 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2014-11-14 Includes\Malware-000.sbi (*)
2014-11-14 Includes\Malware-001.sbi (*)
2014-11-14 Includes\Malware-002.sbi (*)
2014-11-14 Includes\Malware-003.sbi (*)
2014-11-14 Includes\Malware-004.sbi (*)
2014-11-14 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2015-03-31 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2014-11-14 Includes\PUPS-000.sbi (*)
2014-01-15 Includes\PUPS-001.sbi (*)
2014-01-15 Includes\PUPS-002.sbi (*)
2015-03-31 Includes\PUPS-C.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2014-01-07 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2014-01-08 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2014-11-14 Includes\Spyware-000.sbi (*)
2014-12-10 Includes\Spyware-001.sbi (*)
2015-01-14 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2014-01-15 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2014-11-14 Includes\Trojans-002.sbi (*)
2014-01-15 Includes\Trojans-003.sbi (*)
2014-01-15 Includes\Trojans-004.sbi (*)
2014-03-19 Includes\Trojans-005.sbi (*)
2015-03-31 Includes\Trojans-006.sbi (*)
2014-01-15 Includes\Trojans-007.sbi (*)
2014-07-09 Includes\Trojans-008.sbi (*)
2014-07-09 Includes\Trojans-009.sbi (*)
2015-03-31 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2014-01-15 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)
11.04.15 15.36 h SuD Proxy.log
Code:
ATTFilter
SDFSSvc.exe [2015-04-11 15:36:50]  ------ Error:  ------ 
SDFSSvc.exe [2015-04-11 15:36:51]  -- hxxp://download.bleepingcomputer.com/farbar/FRST.exe
SDFSSvc.exe [2015-04-11 15:36:51]  - "127.0.0.1" - "GET hxxp://download.bleepingcomputer.com/farbar/FRST.exe HTTP/1.1" "AutoIt"
SDFSSvc.exe [2015-04-11 15:36:51]  -- Host not found (11001)
11.04.15 09.48 h SuD Quarantine
Code:
ATTFilter
[i]	15-04-04 09:43:31	Quarantäne	Starte Vernichtung der markierten Einträge...
[i]	15-04-04 09:43:31	Quarantäne	Purged Windows.OpenWith: Alle erkannten Einträge des Produktes - 2013-07-30 22:12:33
[i]	15-04-04 09:43:31	Quarantäne	Purged Windows.OpenWith: Alle erkannten Einträge des Produktes - 2013-07-29 21:47:34
[i]	15-04-04 09:43:31	Quarantäne	Purged Windows Media SDK: Alle erkannten Einträge des Produktes - 2015-04-04 09:10:36
[i]	15-04-04 09:43:31	Quarantäne	Purged Windows Media SDK: Alle erkannten Einträge des Produktes - 2015-03-29 14:45:31
[i]	15-04-04 09:43:31	Quarantäne	Purged Windows Media SDK: Alle erkannten Einträge des Produktes - 2015-03-29 13:28:12
[i]	15-04-04 09:43:31	Quarantäne	Purged Windows Media SDK: Alle erkannten Einträge des Produktes - 2015-03-27 07:51:29
[i]	15-04-04 09:43:31	Quarantäne	Purged Windows Media SDK: Alle erkannten Einträge des Produktes - 2015-03-26 21:54:06
[i]	15-04-04 09:43:31	Quarantäne	Purged Windows Media SDK: Alle erkannten Einträge des Produktes - 2015-03-21 19:26:58
[i]	15-04-04 09:43:31	Quarantäne	Purged Windows Media SDK: Alle erkannten Einträge des Produktes - 2013-08-02 11:44:57
[i]	15-04-04 09:43:31	Quarantäne	Purged Windows Media SDK: Alle erkannten Einträge des Produktes - 2013-07-30 22:12:33
[i]	15-04-04 09:43:31	Quarantäne	Purged Windows Media SDK: Alle erkannten Einträge des Produktes - 2013-07-29 21:47:34
[i]	15-04-04 09:43:31	Quarantäne	Purged Windows Explorer: Alle erkannten Einträge des Produktes - 2015-04-04 09:10:36
[i]	15-04-04 09:43:31	Quarantäne	Purged Windows Explorer: Alle erkannten Einträge des Produktes - 2015-03-29 13:28:12
[i]	15-04-04 09:43:31	Quarantäne	Purged Windows Explorer: Alle erkannten Einträge des Produktes - 2015-03-27 10:56:06
[i]	15-04-04 09:43:31	Quarantäne	Purged Windows Explorer: Alle erkannten Einträge des Produktes - 2015-03-26 21:54:06
[i]	15-04-04 09:43:31	Quarantäne	Purged Windows Explorer: Alle erkannten Einträge des Produktes - 2015-03-21 19:26:58
[i]	15-04-04 09:43:31	Quarantäne	Purged Windows Explorer: Alle erkannten Einträge des Produktes - 2013-08-02 11:44:57
[i]	15-04-04 09:43:31	Quarantäne	Purged Windows Explorer: Alle erkannten Einträge des Produktes - 2013-07-30 22:12:33
[i]	15-04-04 09:43:31	Quarantäne	Purged Windows Explorer: Alle erkannten Einträge des Produktes - 2013-07-30 20:04:43
[i]	15-04-04 09:43:32	Quarantäne	Purged Windows Explorer: Alle erkannten Einträge des Produktes - 2013-07-29 21:47:34
[i]	15-04-04 09:43:32	Quarantäne	Purged WebTrends live: Alle erkannten Einträge des Produktes - 2015-03-21 19:26:57
[i]	15-04-04 09:43:32	Quarantäne	Purged WebTrends live: Alle erkannten Einträge des Produktes - 2013-07-30 22:12:33
[i]	15-04-04 09:43:32	Quarantäne	Purged Verlauf: Alle erkannten Einträge des Produktes - 2015-03-29 14:45:32
[i]	15-04-04 09:43:32	Quarantäne	Purged Verlauf: Alle erkannten Einträge des Produktes - 2015-03-29 14:04:21
[i]	15-04-04 09:43:32	Quarantäne	Purged Verlauf: Alle erkannten Einträge des Produktes - 2015-03-29 13:28:12
[i]	15-04-04 09:43:32	Quarantäne	Purged Verlauf: Alle erkannten Einträge des Produktes - 2015-03-27 10:56:06
[i]	15-04-04 09:43:32	Quarantäne	Purged Verlauf: Alle erkannten Einträge des Produktes - 2015-03-27 07:51:29
[i]	15-04-04 09:43:32	Quarantäne	Purged Verlauf: Alle erkannten Einträge des Produktes - 2015-03-26 21:54:06
[i]	15-04-04 09:43:32	Quarantäne	Purged Verlauf: Alle erkannten Einträge des Produktes - 2015-03-21 19:26:58
[i]	15-04-04 09:43:32	Quarantäne	Purged Verlauf: Alle erkannten Einträge des Produktes - 2013-07-30 22:12:33
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Wordpad: Alle erkannten Einträge des Produktes - 2015-04-04 09:10:36
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Wordpad: Alle erkannten Einträge des Produktes - 2015-03-26 21:54:06
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Wordpad: Alle erkannten Einträge des Produktes - 2015-03-21 19:26:58
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Wordpad: Alle erkannten Einträge des Produktes - 2013-08-02 11:44:57
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Wordpad: Alle erkannten Einträge des Produktes - 2013-07-30 22:12:33
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Wordpad: Alle erkannten Einträge des Produktes - 2013-07-29 21:47:34
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Regedit: Alle erkannten Einträge des Produktes - 2015-03-21 19:26:58
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Regedit: Alle erkannten Einträge des Produktes - 2013-07-29 21:47:34
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Paint: Alle erkannten Einträge des Produktes - 2015-04-04 09:10:36
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Paint: Alle erkannten Einträge des Produktes - 2015-03-29 14:45:31
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Paint: Alle erkannten Einträge des Produktes - 2015-03-29 13:28:12
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Paint: Alle erkannten Einträge des Produktes - 2015-03-27 07:51:29
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Paint: Alle erkannten Einträge des Produktes - 2015-03-26 21:54:06
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Paint: Alle erkannten Einträge des Produktes - 2015-03-21 19:26:58
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Paint: Alle erkannten Einträge des Produktes - 2013-08-02 11:44:57
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Paint: Alle erkannten Einträge des Produktes - 2013-07-30 22:12:33
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Paint: Alle erkannten Einträge des Produktes - 2013-07-30 20:04:43
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Paint: Alle erkannten Einträge des Produktes - 2013-07-29 21:47:34
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Office 12.0 (Word): Alle erkannten Einträge des Produktes - 2013-07-30 22:12:33
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Media Player: Alle erkannten Einträge des Produktes - 2013-07-30 22:12:33
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Media Player: Alle erkannten Einträge des Produktes - 2013-07-29 21:47:34
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Management Console: Alle erkannten Einträge des Produktes - 2015-04-04 09:10:35
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Management Console: Alle erkannten Einträge des Produktes - 2015-03-26 21:54:06
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Management Console: Alle erkannten Einträge des Produktes - 2015-03-21 19:26:57
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Management Console: Alle erkannten Einträge des Produktes - 2013-07-30 22:12:33
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Management Console: Alle erkannten Einträge des Produktes - 2013-07-30 20:04:43
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Management Console: Alle erkannten Einträge des Produktes - 2013-07-29 21:47:33
[i]	15-04-04 09:43:32	Quarantäne	Purged MS DirectInput: Alle erkannten Einträge des Produktes - 2015-04-04 09:36:35
[i]	15-04-04 09:43:32	Quarantäne	Purged MS DirectInput: Alle erkannten Einträge des Produktes - 2015-04-04 09:10:35
[i]	15-04-04 09:43:32	Quarantäne	Purged MS DirectInput: Alle erkannten Einträge des Produktes - 2015-03-29 14:45:31
[i]	15-04-04 09:43:32	Quarantäne	Purged MS DirectInput: Alle erkannten Einträge des Produktes - 2015-03-29 14:04:20
[i]	15-04-04 09:43:32	Quarantäne	Purged MS DirectInput: Alle erkannten Einträge des Produktes - 2015-03-29 13:28:12
[i]	15-04-04 09:43:32	Quarantäne	Purged MS DirectInput: Alle erkannten Einträge des Produktes - 2015-03-27 10:56:05
[i]	15-04-04 09:43:32	Quarantäne	Purged MS DirectInput: Alle erkannten Einträge des Produktes - 2015-03-27 07:51:29
[i]	15-04-04 09:43:32	Quarantäne	Purged MS DirectInput: Alle erkannten Einträge des Produktes - 2015-03-26 21:54:06
[i]	15-04-04 09:43:32	Quarantäne	Purged MS DirectInput: Alle erkannten Einträge des Produktes - 2015-03-21 19:26:58
[i]	15-04-04 09:43:32	Quarantäne	Purged MS DirectInput: Alle erkannten Einträge des Produktes - 2013-08-02 11:44:57
[i]	15-04-04 09:43:32	Quarantäne	Purged MS DirectInput: Alle erkannten Einträge des Produktes - 2013-07-30 22:12:33
[i]	15-04-04 09:43:32	Quarantäne	Purged MS DirectInput: Alle erkannten Einträge des Produktes - 2013-07-30 20:04:43
[i]	15-04-04 09:43:32	Quarantäne	Purged MS DirectInput: Alle erkannten Einträge des Produktes - 2013-07-29 21:47:34
[i]	15-04-04 09:43:32	Quarantäne	Purged MS DirectDraw: Alle erkannten Einträge des Produktes - 2015-03-27 07:51:29
[i]	15-04-04 09:43:32	Quarantäne	Purged MS DirectDraw: Alle erkannten Einträge des Produktes - 2015-03-21 19:26:58
[i]	15-04-04 09:43:32	Quarantäne	Purged MS DirectDraw: Alle erkannten Einträge des Produktes - 2013-08-02 11:44:57
[i]	15-04-04 09:43:32	Quarantäne	Purged MS DirectDraw: Alle erkannten Einträge des Produktes - 2013-07-29 21:47:34
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Direct3D: Alle erkannten Einträge des Produktes - 2015-04-04 09:36:35
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Direct3D: Alle erkannten Einträge des Produktes - 2015-04-04 09:10:35
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Direct3D: Alle erkannten Einträge des Produktes - 2015-03-29 14:45:31
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Direct3D: Alle erkannten Einträge des Produktes - 2015-03-29 13:28:12
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Direct3D: Alle erkannten Einträge des Produktes - 2015-03-27 07:51:29
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Direct3D: Alle erkannten Einträge des Produktes - 2015-03-26 21:54:06
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Direct3D: Alle erkannten Einträge des Produktes - 2015-03-21 19:26:57
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Direct3D: Alle erkannten Einträge des Produktes - 2013-08-02 11:44:57
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Direct3D: Alle erkannten Einträge des Produktes - 2013-07-30 22:12:33
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Direct3D: Alle erkannten Einträge des Produktes - 2013-07-30 20:04:43
[i]	15-04-04 09:43:32	Quarantäne	Purged MS Direct3D: Alle erkannten Einträge des Produktes - 2013-07-29 21:47:34
[i]	15-04-04 09:43:32	Quarantäne	Purged MediaPlex: Alle erkannten Einträge des Produktes - 2015-03-21 19:26:57
[i]	15-04-04 09:43:32	Quarantäne	Purged MediaPlex: Alle erkannten Einträge des Produktes - 2013-07-30 22:12:32
[i]	15-04-04 09:43:32	Quarantäne	Purged Log: Alle erkannten Einträge des Produktes - 2013-08-02 11:45:13
[i]	15-04-04 09:43:32	Quarantäne	Purged Log: Alle erkannten Einträge des Produktes - 2013-08-02 11:44:56
[i]	15-04-04 09:43:32	Quarantäne	Purged Log: Alle erkannten Einträge des Produktes - 2013-07-30 20:05:03
[i]	15-04-04 09:43:32	Quarantäne	Purged Log: Alle erkannten Einträge des Produktes - 2013-07-30 20:04:43
[i]	15-04-04 09:43:32	Quarantäne	Purged Log: Alle erkannten Einträge des Produktes - 2013-07-29 21:49:51
[i]	15-04-04 09:43:32	Quarantäne	Purged Log: Alle erkannten Einträge des Produktes - 2013-07-29 21:47:33
[i]	15-04-04 09:43:32	Quarantäne	Purged Internet Explorer: Alle erkannten Einträge des Produktes - 2015-03-21 19:26:57
[i]	15-04-04 09:43:32	Quarantäne	Purged Internet Explorer: Alle erkannten Einträge des Produktes - 2013-07-30 22:12:33
[i]	15-04-04 09:43:32	Quarantäne	Purged Internet Explorer: Alle erkannten Einträge des Produktes - 2013-07-30 20:04:43
[i]	15-04-04 09:43:32	Quarantäne	Purged Internet Explorer: Alle erkannten Einträge des Produktes - 2013-07-29 21:47:33
[i]	15-04-04 09:43:32	Quarantäne	Purged ilivid.Toolbar: Alle erkannten Einträge des Produktes - 2013-07-30 22:12:32
[i]	15-04-04 09:43:32	Quarantäne	Purged ilivid.Toolbar: Alle erkannten Einträge des Produktes - 2013-07-29 21:47:32
[i]	15-04-04 09:43:32	Quarantäne	Purged History: Alle erkannten Einträge des Produktes - 2013-08-02 11:44:57
[i]	15-04-04 09:43:32	Quarantäne	Purged History: Alle erkannten Einträge des Produktes - 2013-07-30 20:04:43
[i]	15-04-04 09:43:32	Quarantäne	Purged History: Alle erkannten Einträge des Produktes - 2013-07-29 21:47:35
[i]	15-04-04 09:43:32	Quarantäne	Purged FastClick: Alle erkannten Einträge des Produktes - 2015-03-21 19:26:57
[i]	15-04-04 09:43:32	Quarantäne	Purged FastClick: Alle erkannten Einträge des Produktes - 2013-07-30 22:12:33
[i]	15-04-04 09:43:32	Quarantäne	Purged DoubleClick: Alle erkannten Einträge des Produktes - 2015-03-21 19:26:57
[i]	15-04-04 09:43:32	Quarantäne	Purged DoubleClick: Alle erkannten Einträge des Produktes - 2013-07-30 22:12:33
[i]	15-04-04 09:43:32	Quarantäne	Purged Delta.Toolbar: Alle erkannten Einträge des Produktes - 2015-03-26 21:54:06
[i]	15-04-04 09:43:32	Quarantäne	Purged Cookie: Alle erkannten Einträge des Produktes - 2015-03-27 07:51:29
[i]	15-04-04 09:43:32	Quarantäne	Purged Cookie: Alle erkannten Einträge des Produktes - 2015-03-26 21:54:07
[i]	15-04-04 09:43:32	Quarantäne	Purged Cookie: Alle erkannten Einträge des Produktes - 2015-03-21 19:26:58
[i]	15-04-04 09:43:32	Quarantäne	Purged Cookie: Alle erkannten Einträge des Produktes - 2013-07-30 22:12:33
[i]	15-04-04 09:43:32	Quarantäne	Purged Cookie: Alle erkannten Einträge des Produktes - 2013-07-29 21:47:34
[i]	15-04-04 09:43:32	Quarantäne	Purged Cache: Alle erkannten Einträge des Produktes - 2015-03-29 14:45:31
[i]	15-04-04 09:43:32	Quarantäne	Purged Cache: Alle erkannten Einträge des Produktes - 2015-03-29 14:04:21
[i]	15-04-04 09:43:32	Quarantäne	Purged Cache: Alle erkannten Einträge des Produktes - 2015-03-29 13:28:12
[i]	15-04-04 09:43:32	Quarantäne	Purged Cache: Alle erkannten Einträge des Produktes - 2015-03-27 10:56:06
[i]	15-04-04 09:43:32	Quarantäne	Purged Cache: Alle erkannten Einträge des Produktes - 2015-03-27 07:51:29
[i]	15-04-04 09:43:32	Quarantäne	Purged Cache: Alle erkannten Einträge des Produktes - 2015-03-26 21:54:07
[i]	15-04-04 09:43:32	Quarantäne	Purged Cache: Alle erkannten Einträge des Produktes - 2015-03-21 19:26:58
[i]	15-04-04 09:43:32	Quarantäne	Purged Cache: Alle erkannten Einträge des Produktes - 2013-08-02 11:44:57
[i]	15-04-04 09:43:32	Quarantäne	Purged Cache: Alle erkannten Einträge des Produktes - 2013-07-29 21:47:35
[i]	15-04-04 09:43:32	Quarantäne	Purged 7-Zip: Alle erkannten Einträge des Produktes - 2013-07-29 21:47:33
[i]	15-04-04 09:43:32	Quarantäne	Vernichtung der markierten Einträge abgeschlossen.
[i]	15-04-04 09:44:12	Quarantäne	Starte Wiederherstellung der markierten Einträge...
[i]	15-04-04 09:44:12	Quarantäne	Wiederherstellung der markierten Einträge abgeschlossen.
[i]	15-04-11 09:48:05	Quarantäne	Starte Vernichtung der markierten Einträge...
[i]	15-04-11 09:48:05	Quarantäne	Purged Windows Media SDK: Alle erkannten Einträge des Produktes - 2015-04-11 09:41:53
[i]	15-04-11 09:48:05	Quarantäne	Purged Windows Explorer: Alle erkannten Einträge des Produktes - 2015-04-11 09:41:53
[i]	15-04-11 09:48:05	Quarantäne	Purged MS Wordpad: Alle erkannten Einträge des Produktes - 2015-04-11 09:41:53
[i]	15-04-11 09:48:05	Quarantäne	Purged MS Paint: Alle erkannten Einträge des Produktes - 2015-04-11 09:41:53
[i]	15-04-11 09:48:05	Quarantäne	Purged MS Management Console: Alle erkannten Einträge des Produktes - 2015-04-11 09:41:53
[i]	15-04-11 09:48:05	Quarantäne	Purged MS DirectInput: Alle erkannten Einträge des Produktes - 2015-04-11 09:41:53
[i]	15-04-11 09:48:05	Quarantäne	Purged MS Direct3D: Alle erkannten Einträge des Produktes - 2015-04-11 09:41:53
[i]	15-04-11 09:48:05	Quarantäne	Purged History: Alle erkannten Einträge des Produktes - 2015-04-11 09:41:53
[i]	15-04-11 09:48:05	Quarantäne	Purged Cookie: Alle erkannten Einträge des Produktes - 2015-04-11 09:41:53
[i]	15-04-11 09:48:05	Quarantäne	Vernichtung der markierten Einträge abgeschlossen.
[i]	15-04-11 09:48:20	Quarantäne	Starte Wiederherstellung der markierten Einträge...
[i]	15-04-11 09:48:20	Quarantäne	Wiederherstellung der markierten Einträge abgeschlossen.
[i]	15-04-11 09:48:36	Quarantäne	Starte Wiederherstellung der markierten Einträge...
[i]	15-04-11 09:48:36	Quarantäne	Wiederherstellung der markierten Einträge abgeschlossen.

Antwort
Seite 1 von 2 1 2

Themen zu malware aal entfernen Antivir -Programme erkennen nichts
antivir, avg, avira, beenden, bytes, digital, einstellungen, entfernen, explorer, fehler, icon, internet, langsam, mail, malware, monitor, mozilla, neues, schließen, security, taskmanager, tune up, updates, version, vista


« Chinesische Zeichen bei Booking.com | Spyhunter via SafeCart »


Ähnliche Themen: malware aal entfernen Antivir -Programme erkennen nichts


  1. Auf dem Fußweg Stealth-Malware erkennen?
    Antiviren-, Firewall- und andere Schutzprogramme - 11.01.2015 (8)
  2. Windows 7 Meldung Win32/Small-CA Virus entfernen, AntiVir findet nichts, Windows Update und Defender funktionieren nicht mehr
    Log-Analyse und Auswertung - 20.11.2013 (15)
  3. Virus "exp/cve-2012-1723.A.597" von antivir gefunden; malware-bytes findet nichts
    Plagegeister aller Art und deren Bekämpfung - 12.12.2012 (29)
  4. Tool im Malware in Webseite zu erkennen
    Antiviren-, Firewall- und andere Schutzprogramme - 02.09.2012 (9)
  5. Antivir findet 9 Viren, malware findet nichts mehr
    Plagegeister aller Art und deren Bekämpfung - 28.05.2012 (18)
  6. Wie verschlüsselt man Trojaner/ein Virus sodass Virenscanner nichts mehr erkennen.
    Mülltonne - 07.05.2012 (1)
  7. Facebook Malware, Antivieren-Programme finden nichts - Wie werde ich sie los?
    Log-Analyse und Auswertung - 21.11.2011 (16)
  8. TR/PCK.Tdss.C.129: Ist es ein Trojaner? Malware gibt nichts an, Antivir schon
    Plagegeister aller Art und deren Bekämpfung - 31.05.2010 (3)
  9. Virusbefall? Im normalen Modus nichts mehr möglich; Antivir sagt nichts
    Plagegeister aller Art und deren Bekämpfung - 30.11.2009 (0)
  10. Studie: Internet Explorer 8 beim Erkennen von Malware-Sites vorn
    Nachrichten - 15.08.2009 (0)
  11. kein windows & antivir update mehr möglich - antivir findet nichts "böses"
    Plagegeister aller Art und deren Bekämpfung - 02.12.2008 (1)
  12. Befall mit Trojanern&Malware.Entfernen mit Antivir, Housecall, Spybot klappt nicht
    Plagegeister aller Art und deren Bekämpfung - 29.11.2008 (0)
  13. (Schädliche) Rootkits/Malware: Welche Gefahren und wie erkennen?
    Plagegeister aller Art und deren Bekämpfung - 16.11.2008 (0)
  14. gefälschte Links aber nichts zu erkennen...
    Antiviren-, Firewall- und andere Schutzprogramme - 08.06.2007 (3)
  15. Seite öffnet sich, nichts in Registry oder Hostsfile zu erkennen
    Plagegeister aller Art und deren Bekämpfung - 21.04.2006 (3)
  16. Erkennen und Entfernen von Trojanern / Würmern /Spyware
    Plagegeister aller Art und deren Bekämpfung - 25.08.2005 (6)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema malware aal entfernen Antivir -Programme erkennen nichts - Hallo, habe wohl einen Aal im System. In einem Registrierungseingträgen waren genannt Avira, Mozilla, PC Inspector, Antivir-Programme, Flashplayer, Java-Verknüpfung, AVG, System Explorer, TomTom, Western Digital, WD Photogalerie, , Standartkonto, Netcologne-Dateien, - malware aal entfernen Antivir -Programme erkennen nichts...
Archiv
Du betrachtest: malware aal entfernen Antivir -Programme erkennen nichts auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132