Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Unbekannter Upload

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 02.10.2014, 11:43   #1
krampf
 
Unbekannter Upload - Standard

Unbekannter Upload



Hallo Leute,

ich habe mir leider etwas eingefangen. Ich habe eine 16.000er DSL-Leitung, aber letztens fiel mir auf, dass ich zuwenig download habe, knapp die hälfte, manchmal noch weniger. Ich habe jetzt mit einem anderen Rechner meine Leitung geprüft, da läuft alles normal, also muss ich mir den Hauptrechner verseucht haben. Die gängigen Tools finden nichts, ich habe daher jetzt einen scan mit farbar recovery scan tool gemacht, logs hänge ich mit dran.

Danke für eure Hilfe, ihr macht hier eine super Arbeit, ich verfolge das schon lange, aber jetzt brauche ich zum ersten Mal selber Hilfe.

Schöne Grüße

krampf


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-10-2014 01
Ran by Sebastian (administrator) on SEBASTIAN-PC on 02-10-2014 11:36:51
Running from C:\Users\Sebastian\Downloads
Loaded Profile: Sebastian (Available profiles: Sebastian)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Namtuk.com) C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
() C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(LG Electronics) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TODO: <Company name>) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64App.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\LG Electronics\Screen Split\bin\DDCCI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [374784 2014-01-09] (shbox.de)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-04] (Geek Software GmbH)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-08-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1666432 2014-09-22] (Simply Super Software)
HKLM-x32\...\RunOnce: [EasyTuneVI] => C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe [40960 2012-07-09] ()
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [ScreenSplitter] => C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe [695296 2013-07-24] (LG Electronics)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AEM] => C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe [1721128 2014-07-16] (Namtuk.com)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-23] (Google Inc.)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\RunOnce: [Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64"
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCC7BE164C723CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

Chrome: 
=======
CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-06-29]
CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-29]
CHR Extension: (Google Search) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-29]
CHR Extension: (AdBlock) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-29]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2014-06-29]
CHR Extension: (Google Wallet) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-07]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2014-06-29]
CHR Extension: (Gmail) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-29]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AEM Service5; C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe [334848 2014-07-16] (Namtuk.com) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-08-12] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed]
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738344 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.2.0; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-03-18] (Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1385272 2013-08-08] (Motorola Solutions, Inc.)
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-04-29] (Echobit, LLC)
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-02] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-02-12] (REALiX(tm))
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [114632 2013-08-28] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw02.sys [3599840 2013-10-14] (Intel Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 cpuz136; \??\C:\Users\SEBAST~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 getbus; \??\C:\Users\SEBAST~1\AppData\Local\Temp\getbus.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-02 11:36 - 2014-10-02 11:37 - 00021497 _____ () C:\Users\Sebastian\Downloads\FRST.txt
2014-10-02 11:36 - 2014-10-02 11:36 - 00000000 ____D () C:\FRST
2014-10-02 11:35 - 2014-10-02 11:35 - 02108928 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe
2014-09-30 19:25 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 19:25 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-30 19:21 - 2014-10-02 11:31 - 00000004 _____ () C:\Windows\SysWOW64\GVTunner.ref
2014-09-28 13:58 - 2014-09-28 13:59 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\TrafficMonitor
2014-09-28 13:58 - 2014-09-28 13:58 - 00000000 ____D () C:\ProgramData\TrafficMonitor
2014-09-28 13:57 - 2014-09-28 13:57 - 03469477 _____ () C:\Users\Sebastian\Downloads\trafficmsw.zip
2014-09-27 22:04 - 2014-09-27 22:04 - 00540302 _____ () C:\Users\Sebastian\Downloads\SeaGiant.zip
2014-09-24 17:09 - 2014-09-24 17:10 - 00000000 ____D () C:\Users\Sebastian\Desktop\SmartCC
2014-09-24 17:09 - 2014-09-24 17:09 - 01027788 _____ () C:\Users\Sebastian\Downloads\sb-v3.7z
2014-09-24 08:44 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 08:44 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 21:18 - 2014-09-23 21:22 - 18656495 _____ () C:\Users\Sebastian\Downloads\nightly (1).zip
2014-09-23 20:17 - 2014-09-23 20:17 - 00000000 ____D () C:\Users\Sebastian\Downloads\Postversand
2014-09-23 20:16 - 2014-09-23 20:16 - 01644283 _____ () C:\Users\Sebastian\Downloads\Postversand.zip
2014-09-23 20:03 - 2014-09-23 20:40 - 00036864 _____ () C:\Users\Sebastian\Downloads\Airline Mailing Address.xls
2014-09-22 20:41 - 2014-09-22 20:41 - 02324917 _____ () C:\Users\Sebastian\Downloads\crashcrawlerv8.zip
2014-09-22 18:47 - 2014-10-01 20:53 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-22 18:47 - 2014-09-22 18:47 - 00000000 ____D () C:\ProgramData\Licenses
2014-09-22 18:44 - 2014-09-22 18:45 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-09-22 18:44 - 2014-09-22 18:44 - 00000000 ____D () C:\Users\Sebastian\Documents\Simply Super Software
2014-09-22 18:44 - 2014-09-22 18:44 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Simply Super Software
2014-09-22 18:44 - 2014-09-22 18:44 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-09-22 18:44 - 2014-09-22 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2014-09-22 18:43 - 2014-09-22 18:43 - 21407864 _____ (Simply Super Software ) C:\Users\Sebastian\Downloads\trjsetup690.exe
2014-09-22 15:04 - 2014-09-22 15:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-22 15:04 - 2014-09-22 15:04 - 00004698 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-22 15:04 - 2014-09-22 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-22 15:03 - 2014-09-22 15:03 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-22 15:03 - 2014-09-22 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-22 15:03 - 2014-09-22 15:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-22 15:03 - 2014-09-22 15:03 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-22 15:03 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-22 15:03 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-22 15:03 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-22 14:58 - 2014-09-22 14:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-22 14:02 - 2014-09-29 16:05 - 00000000 ____D () C:\Users\Sebastian\Desktop\HC 30
2014-09-22 14:02 - 2014-09-22 14:02 - 18656495 _____ () C:\Users\Sebastian\Downloads\nightly.zip
2014-09-20 12:32 - 2014-09-20 12:32 - 02320830 _____ () C:\Users\Sebastian\Downloads\CrashCrawlerV6.zip
2014-09-18 22:37 - 2014-09-18 22:37 - 00093734 _____ () C:\Users\Sebastian\Downloads\Compensation claim 1.jpeg
2014-09-18 22:37 - 2014-09-18 22:37 - 00082970 _____ () C:\Users\Sebastian\Downloads\Compensation claim 1 1.jpeg
2014-09-18 22:37 - 2014-09-18 22:37 - 00074757 _____ () C:\Users\Sebastian\Downloads\Compensation claim .jpeg
2014-09-18 22:29 - 2014-09-18 22:29 - 00082829 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris  2.jpeg
2014-09-18 22:29 - 2014-09-18 22:29 - 00075826 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris .jpeg
2014-09-18 22:28 - 2014-09-18 22:28 - 00096815 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris  1.jpeg
2014-09-18 01:04 - 2014-09-18 01:04 - 00002613 _____ () C:\Users\Sebastian\Downloads\BR.ALT-Robin.Schulz.and.Alligatoah-Willst.Du-WEB-DE-2014-VOiCE.torrent
2014-09-14 23:19 - 2014-09-14 23:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-09-14 23:18 - 2014-09-14 23:19 - 06057862 _____ (Tim Kosse) C:\Users\Sebastian\Downloads\FileZilla_3.9.0.5_win32-setup.exe
2014-09-13 21:16 - 2014-09-13 21:16 - 00763575 _____ () C:\Users\Sebastian\Downloads\ArenaValue.1.0.5.0.zip
2014-09-13 13:50 - 2014-10-02 11:30 - 00012166 _____ () C:\Windows\PFRO.log
2014-09-12 19:47 - 2014-09-25 19:17 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-12 19:47 - 2014-09-12 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-12 19:40 - 2014-09-12 19:40 - 00000000 ____D () C:\ProgramData\ATI
2014-09-12 19:39 - 2014-09-12 19:39 - 00067608 _____ () C:\Windows\SysWOW64\CCCInstall_201409121939038099.log
2014-09-12 19:39 - 2014-09-12 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2014-09-12 19:39 - 2014-09-12 19:39 - 00000000 ____D () C:\Program Files\AMD Quick Stream
2014-09-12 19:39 - 2014-09-12 19:39 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-09-12 19:38 - 2014-09-12 19:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-09-12 19:38 - 2014-02-16 18:23 - 00060640 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys
2014-09-12 19:37 - 2014-09-12 19:38 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-09-12 19:28 - 2014-10-02 11:30 - 00002567 _____ () C:\Windows\setupact.log
2014-09-12 19:28 - 2014-09-12 19:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-12 19:07 - 2014-09-12 19:13 - 283056096 _____ (AMD Inc.) C:\Users\Sebastian\Downloads\amd-catalyst-desktop-apus-win8.1-win7-64bit.exe
2014-09-12 19:06 - 2014-09-12 19:06 - 00891224 _____ (AMD) C:\Users\Sebastian\Downloads\amddriverdownloader (1).exe
2014-09-12 19:04 - 2014-09-12 19:04 - 00002780 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-09-12 19:04 - 2014-09-12 19:04 - 00000832 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-12 19:04 - 2014-09-12 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-12 19:04 - 2014-09-12 19:04 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-12 18:59 - 2014-09-12 18:59 - 00060572 _____ () C:\Windows\SysWOW64\CCCInstall_201409121859531251.log
2014-09-12 18:56 - 2014-09-12 18:57 - 03826912 _____ (Piriform Ltd) C:\Users\Sebastian\Downloads\ccsetup417_slim.exe
2014-09-11 00:43 - 2014-09-11 00:43 - 02524469 _____ () C:\Users\Sebastian\Downloads\reund.html
2014-09-10 23:28 - 2014-09-10 23:28 - 00009891 _____ () C:\Users\Sebastian\Downloads\BR.ALT-Stromberg.Der.Film.German.720p.BluRay.x264-EXQUiSiTE.torrent
2014-09-10 22:42 - 2014-09-07 17:57 - 00022990 _____ () C:\Users\Sebastian\Documents\SEPA%2003.09.2014.xlsx_0.ods
2014-09-10 20:50 - 2014-09-10 20:50 - 00061410 _____ () C:\Users\Sebastian\Downloads\BR.ALT-Under.the.Dome.S01.COMPLETE.GERMAN.DUBBED.WebHDRiP.XviD-SOF.torrent
2014-09-10 20:49 - 2014-09-10 20:49 - 00053292 _____ () C:\Users\Sebastian\Downloads\BR.ALT-Homeland.S03.COMPLETE.GERMAN.DUBBED.WebHDRiP.x264-SOF.torrent
2014-09-10 03:04 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 03:04 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 03:04 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 03:04 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 03:04 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 03:04 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 03:04 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 03:04 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 03:04 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 03:04 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 03:04 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 03:04 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 03:04 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 03:04 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 03:04 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 03:04 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 03:04 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 03:04 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 03:04 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 03:04 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 03:04 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 03:04 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 03:04 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 03:04 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 03:04 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 03:04 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 03:04 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 03:04 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 03:04 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 03:04 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 03:04 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 03:04 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 03:04 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 03:04 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 03:04 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 03:04 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 03:04 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 03:04 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 03:04 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 03:04 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 03:04 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 03:04 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 03:04 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 03:04 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 03:04 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 03:04 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 03:04 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 03:04 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 03:04 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 03:04 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 03:04 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 03:04 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 03:04 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 03:04 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 03:04 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 03:03 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 03:00 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 03:00 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 00:57 - 2014-09-10 00:57 - 00881127 _____ () C:\Users\Sebastian\Downloads\DragonCC4.2.rar
2014-09-09 21:42 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-09 21:42 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-09 21:41 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-09 21:41 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-09 21:40 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-09 21:40 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-09 21:40 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-09 21:40 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-09 21:40 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-09 21:40 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-09 21:40 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-07 13:30 - 2014-09-07 13:30 - 00898243 _____ () C:\Users\Sebastian\Downloads\DragonCC3-4.rar
2014-09-07 13:24 - 2014-09-07 13:24 - 00890795 _____ () C:\Users\Sebastian\Downloads\DragonCC4 (1).rar
2014-09-07 13:22 - 2014-09-20 12:38 - 00000000 ____D () C:\Users\Sebastian\Desktop\HC
2014-09-06 12:06 - 2014-09-06 12:06 - 00890795 _____ () C:\Users\Sebastian\Downloads\DragonCC4.rar
2014-09-05 21:41 - 2014-09-05 21:41 - 00076689 _____ () C:\Users\Sebastian\Downloads\Leverage-Staffel05-Folge13-15@www.torrent.to.torrent
2014-09-02 19:25 - 2014-09-02 19:25 - 00000237 _____ () C:\Users\Sebastian\Downloads\PayPal 01.09.2014.csv

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-02 11:35 - 2011-04-12 09:43 - 00701996 _____ () C:\Windows\system32\perfh007.dat
2014-10-02 11:35 - 2011-04-12 09:43 - 00150662 _____ () C:\Windows\system32\perfc007.dat
2014-10-02 11:35 - 2009-07-14 07:13 - 01628294 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-02 11:34 - 2014-02-07 07:26 - 01942614 _____ () C:\Windows\WindowsUpdate.log
2014-10-02 11:31 - 2014-02-22 13:05 - 00000000 ____D () C:\ProgramData\VMware
2014-10-02 11:31 - 2014-02-12 21:34 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2014-10-02 11:31 - 2014-02-12 21:34 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys
2014-10-02 11:31 - 2014-02-07 02:23 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-10-02 11:30 - 2014-07-30 22:45 - 00005310 _____ () C:\Windows\system32\debug.log
2014-10-02 11:30 - 2014-02-07 07:42 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-02 11:30 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-02 02:14 - 2014-07-20 16:22 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-10-02 02:14 - 2014-02-07 07:42 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-02 01:42 - 2014-04-29 17:58 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-02 01:41 - 2014-03-19 23:02 - 00000000 ____D () C:\Users\Sebastian\Desktop\Rechnungen refund.me
2014-10-02 01:00 - 2014-02-12 20:44 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\PMB Files
2014-10-02 01:00 - 2014-02-12 20:44 - 00000000 ____D () C:\ProgramData\PMB Files
2014-10-02 00:33 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-02 00:33 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-02 00:21 - 2014-02-07 01:37 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Battle.net
2014-10-02 00:01 - 2014-02-11 21:43 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Skype
2014-10-01 00:56 - 2014-02-07 18:56 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-09-30 22:54 - 2014-02-07 18:22 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\netz
2014-09-30 01:55 - 2014-02-08 11:14 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\uTorrent
2014-09-28 01:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-25 19:06 - 2014-06-13 19:59 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-24 16:42 - 2014-04-29 17:58 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 16:42 - 2014-04-29 17:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 16:42 - 2014-04-29 17:58 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 09:56 - 2014-02-07 19:00 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-09-23 02:59 - 2014-05-16 00:29 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-09-23 02:59 - 2014-03-05 23:29 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\HpUpdate
2014-09-23 02:59 - 2014-02-22 02:30 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-09-22 18:20 - 2014-08-30 12:43 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest (1)
2014-09-22 18:20 - 2014-08-08 16:25 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest
2014-09-22 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2014-09-22 15:05 - 2014-05-15 12:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-22 15:04 - 2014-05-15 12:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-22 13:56 - 2014-02-18 21:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-22 08:42 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-21 18:36 - 2014-02-08 13:34 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\vlc
2014-09-16 21:25 - 2014-08-30 01:06 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\FileZilla
2014-09-16 02:03 - 2014-06-14 19:30 - 00001112 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-16 02:03 - 2014-06-14 19:30 - 00001100 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-09-14 23:19 - 2014-08-30 01:05 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-09-12 19:47 - 2014-02-07 07:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-12 19:46 - 2014-08-05 19:12 - 00001147 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-12 19:46 - 2014-02-07 07:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-12 19:46 - 2014-02-07 07:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-12 19:46 - 2014-02-07 07:42 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-12 19:39 - 2014-02-07 07:39 - 00000000 ____D () C:\ProgramData\AMD
2014-09-12 19:39 - 2014-02-07 07:39 - 00000000 ____D () C:\Program Files\AMD
2014-09-12 19:39 - 2014-02-07 07:39 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-09-12 19:39 - 2014-02-07 07:37 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-09-12 19:26 - 2014-05-17 00:21 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-09-12 19:26 - 2014-02-24 21:06 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\TeamViewer
2014-09-12 19:26 - 2014-02-07 07:22 - 00000000 ____D () C:\Windows\Panther
2014-09-10 22:56 - 2014-06-09 23:05 - 00000000 ____D () C:\s3 refund.me
2014-09-10 03:03 - 2014-04-03 03:00 - 00002155 _____ () C:\Windows\epplauncher.mif
2014-09-10 03:03 - 2014-02-23 12:40 - 00002127 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-10 03:03 - 2014-02-07 07:33 - 01601638 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-10 03:02 - 2014-02-23 12:40 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-10 03:02 - 2014-02-23 12:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-10 03:02 - 2014-02-07 02:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 03:00 - 2014-04-30 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 03:00 - 2014-02-07 02:14 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Sebastian\AppData\Local\Temp\avgnt.exe
C:\Users\Sebastian\AppData\Local\Temp\e45ear24.dll
C:\Users\Sebastian\AppData\Local\Temp\hrprfl_10436.dll
C:\Users\Sebastian\AppData\Local\Temp\hrprfl_12339.dll
C:\Users\Sebastian\AppData\Local\Temp\hrprfl_1645.dll
C:\Users\Sebastian\AppData\Local\Temp\hrprfl_2530.dll
C:\Users\Sebastian\AppData\Local\Temp\hrprfl_26929.dll
C:\Users\Sebastian\AppData\Local\Temp\hrprfl_28586.dll
C:\Users\Sebastian\AppData\Local\Temp\hrprfl_3680.dll
C:\Users\Sebastian\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-28 01:49

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-10-2014 01
Ran by Sebastian at 2014-10-02 11:37:23
Running from C:\Users\Sebastian\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.33 - GIGABYTE)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.33870 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.30.100.40812 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0812.1103.17905 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{1113B31C-097E-644C-7242-829DFC0CED38}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0812.1103.17905 - Ihr Firmenname) Hidden
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.10.0.0 - AppEx Networks)
AMD Steady Video Plug-In  (Version: 2.07.0000 - AMD) Hidden
AMD USB 3.0 Device Detector (Version: 2.1.29.0 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Automatic Email Manager 5.15 (HKLM\...\{60C042B5-EB83-44A1-A522-3D1BDC901E80}) (Version: 5.15 - Namtuk)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0812.1103.17905 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0812.1103.17905 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0812.1103.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0812.1102.17905 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0812.1103.17905 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CloudBerry Explorer for Amazon S3 3.8.7 (HKLM\...\CloudBerry Explorer for Amazon S3) (Version: 3.8.7 - CloudBerryLab)
CodeTwo QR Code Desktop Reader (HKLM-x32\...\{8E03824D-0FCC-4AAE-BBE3-3B544BE3876F}) (Version: 1.0.0 - CodeTwo)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Easy Tune 6 B13.1111.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B13.1111.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Elevated Installer (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Garmin Express (HKLM-x32\...\{b43ffffb-1adc-4bcb-b277-7844ebff94da}) (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Cloud Print-Drucker (HKLM-x32\...\{74AA24E0-AC50-4B28-BA46-9CF05467C9B7}) (Version: 28.0.1489.0 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HearthstoneTracker (HKLM-x32\...\HearthstoneTracker) (Version: 1.2.9.2071 - HearthstoneTracker.com)
HP LaserJet 400 M401 (HKLM-x32\...\{8989F6D9-550C-4178-A8CB-75B82A06621F}) (Version: 5.0.13198.1083 - Hewlett-Packard)
HP LaserJet 400 M401 HP Device Toolbox (x32 Version: 29.0.109.0 - Hewlett-Packard Co.) Hidden
HP Product FWUpdater (x32 Version: 4.0.0.7242 - Hewlett-Packard Company) Hidden
HP Unified IO (Version: 2.0.0.404 - HP) Hidden
HP Unified IO (x32 Version: 2.0.0.404 - HP) Hidden
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM401DSService (x32 Version: 001.001.05874 - Hewlett-Packard) Hidden
HPDXP (x32 Version: 3.0.26.1 - HP) Hidden
HPLaserJet400-M401_HelpLearnCenter_SI (HKLM-x32\...\{4989DD05-86FB-4CA2-96C5-923DFAD89DA3}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJDXPHelper (x32 Version: 020.021.004 - HP) Hidden
HPLJUTCore (x32 Version: 004.005.0001 - HP) Hidden
HPLJUTM401 (x32 Version: 3.00.0003 - HP) Hidden
hppLaserJetService (x32 Version: 009.027.00856 - Hewlett-Packard) Hidden
hppM401LaserJetService (x32 Version: 001.019.00639 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 050.037.00142 - Hewlett Packard) Hidden
hpStatusAlertsM401 (x32 Version: 050.034.00131 - Hewlett-Packard) Hidden
HWiNFO64 Version 4.32 (HKLM\...\HWiNFO64_is1) (Version: 4.32 - Martin Malík - REALiX)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1335.3) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0366 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 10.4.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.0 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LJDXPHelperUI (x32 Version: 020.021.004 - HP) Hidden
Macro Recorder 5.7.4 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.7.4 - Jitbit Software)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.145.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.145.0 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 Create Module (HKLM-x32\...\{797A6AD2-06D5-484B-81FE-25895A56B1F2}) (Version: 2.0.6.16537 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{46889070-D447-4936-A5D3-246DB972FA2E}) (Version: 2.0.6.16537 - pdfforge GmbH)
PDF24 Creator 6.5.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7037 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Screen Split (HKLM-x32\...\{7F0C2357-33B0-4408-A9AD-A7623FAA22B1}) (Version: 6.23 - LG Electronics Inc.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
tools-windows (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Trojan Remover 6.9.1.2931 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1.2931 - Simply Super Software)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.221 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.1 - VMware, Inc)
VMware Player (Version: 6.0.1 - VMware, Inc.) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3995683688-22251476-601076843-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3995683688-22251476-601076843-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3995683688-22251476-601076843-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3995683688-22251476-601076843-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3995683688-22251476-601076843-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

25-09-2014 00:48:07 Windows Update
29-09-2014 23:17:52 Windows Update
30-09-2014 23:23:26 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0305B390-003B-4DAC-8DC9-F62EC812A8DE} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
Task: {386CFDDB-2326-47CD-A4FE-C46554050D10} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-12-18] (TuneUp Software)
Task: {3FEFA80E-4019-4642-A935-E559D362C63E} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {50AD10A4-D6AC-4F3B-A8BF-C66E22F660EB} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-09-04] (Microsoft Corporation)
Task: {6DBD98FF-1347-4642-9925-C1AFE117B805} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {6FDA6E34-03C5-4AED-BDAB-6001669799CA} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {751607E3-9066-486E-99D7-0F9720E73FE8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation)
Task: {7B8873EB-A73C-4B23-A7B5-234DEA64649A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-09-04] (Microsoft Corporation)
Task: {7D1E9BC1-CCE9-450C-AC38-1912D1754AE6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {8316B68D-B23B-452B-9FBF-3BBA09C2CF13} - System32\Tasks\{6127E29C-7967-4AC2-B92E-17C42D62C9EA} => C:\Program Files (x86)\GIGABYTE\ET6\ET6SC.exe [2012-07-09] ()
Task: {9BD48AB0-69C4-4F3A-853A-B21596B82F40} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-07] (Google Inc.)
Task: {AF3356D5-119A-46B0-A6D8-01C967DF13F8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-07] (Google Inc.)
Task: {EB2A5FFC-20D3-4FB3-8B49-48DBF9F69218} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2012-06-15] (Hewlett Packard)
Task: {F8D5E86C-E5F1-43F8-A269-43E99281420F} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-08-07] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-02-08 14:32 - 2013-06-12 16:54 - 00066048 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64.dll
2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-08-06 17:10 - 2012-10-12 12:02 - 00440320 ____N () C:\Program Files (x86)\Namtuk\Automatic Email Manager\SharpCompress.dll
2014-08-12 11:06 - 2014-08-12 11:06 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-08-12 11:05 - 2014-08-12 11:05 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-06-13 19:59 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-12-18 11:01 - 2013-12-18 11:01 - 00742200 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2012-01-13 15:04 - 2012-01-13 15:04 - 00219760 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
2014-02-08 14:32 - 2013-06-26 11:56 - 00241664 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\DDCCI.exe
2014-08-12 11:06 - 2014-08-12 11:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2013-10-18 13:46 - 2013-10-18 13:46 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2014-02-08 14:32 - 2013-06-12 16:54 - 00063488 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook.dll
2013-11-11 19:56 - 2013-11-11 19:56 - 02887747 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll
2013-11-05 12:07 - 2013-11-05 12:07 - 00651327 _____ () C:\Program Files (x86)\GIGABYTE\ET6\work.dll
2013-09-13 16:26 - 2013-09-13 16:26 - 01331266 _____ () C:\Program Files (x86)\GIGABYTE\ET6\SF.dll
2008-05-07 16:22 - 2008-05-07 16:22 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll
2012-05-08 16:01 - 2012-05-08 16:01 - 00069632 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GPTT.dll
2012-11-27 16:03 - 2012-11-27 16:03 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll
2010-06-24 16:50 - 2010-06-24 16:50 - 00094208 _____ () C:\Program Files (x86)\GIGABYTE\ET6\IccLibDll.dll
2011-03-01 20:00 - 2011-03-01 20:00 - 00126976 _____ () C:\Program Files (x86)\GIGABYTE\ET6\StabilityLib.dll
2011-10-18 10:26 - 2011-10-18 10:26 - 00024576 _____ () C:\Program Files (x86)\GIGABYTE\ET6\STT.dll
2013-11-05 14:12 - 2013-11-05 14:12 - 01499200 _____ () C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll
2013-11-06 18:59 - 2013-11-06 18:59 - 01335358 _____ () C:\Program Files (x86)\GIGABYTE\ET6\HM.dll
2013-03-23 11:59 - 2013-03-23 11:59 - 01433674 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll
2003-02-14 15:11 - 2003-02-14 15:11 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll
2013-11-01 11:29 - 2013-11-01 11:29 - 01318984 _____ () C:\Program Files (x86)\GIGABYTE\ET6\AMD8.dll
2013-05-24 01:50 - 2013-05-24 01:50 - 03860520 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Platform.dll
2013-05-24 01:50 - 2013-05-24 01:50 - 00579616 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Device.dll
2013-09-12 12:50 - 2013-09-12 12:50 - 00311296 _____ () C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.DLL
2014-02-08 14:32 - 2013-04-24 18:47 - 00004608 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\GerRes.dll
2014-09-06 18:44 - 2014-09-06 18:44 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-08-05 19:12 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Sebastian\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-09-25 19:16 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 19:16 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 19:16 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 19:17 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 19:16 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3995683688-22251476-601076843-500 - Administrator - Disabled)
Gast (S-1-5-21-3995683688-22251476-601076843-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3995683688-22251476-601076843-1006 - Limited - Enabled)
Sebastian (S-1-5-21-3995683688-22251476-601076843-1000 - Administrator - Enabled) => C:\Users\Sebastian

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/02/2014 11:32:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/02/2014 00:28:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/01/2014 08:56:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/01/2014 04:55:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/30/2014 07:22:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/29/2014 01:39:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GUI.exe, Version: 1.0.0.1, Zeitstempel: 0x4f0fc8d2
Name des fehlerhaften Moduls: Normal.dll, Version: 1.0.0.1, Zeitstempel: 0x5280b7f4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0009ca66
ID des fehlerhaften Prozesses: 0x117c
Startzeit der fehlerhaften Anwendung: 0xGUI.exe0
Pfad der fehlerhaften Anwendung: GUI.exe1
Pfad des fehlerhaften Moduls: GUI.exe2
Berichtskennung: GUI.exe3

Error: (09/29/2014 01:08:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/28/2014 02:07:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/28/2014 10:55:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GUI.exe, Version: 1.0.0.1, Zeitstempel: 0x4f0fc8d2
Name des fehlerhaften Moduls: Normal.dll, Version: 1.0.0.1, Zeitstempel: 0x5280b7f4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0009ca66
ID des fehlerhaften Prozesses: 0x111c
Startzeit der fehlerhaften Anwendung: 0xGUI.exe0
Pfad der fehlerhaften Anwendung: GUI.exe1
Pfad des fehlerhaften Moduls: GUI.exe2
Berichtskennung: GUI.exe3

Error: (09/27/2014 10:17:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/02/2014 11:31:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/02/2014 11:31:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht.

Error: (10/02/2014 00:26:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/02/2014 00:26:36 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht.

Error: (10/02/2014 00:25:14 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (10/01/2014 08:55:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/01/2014 08:55:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht.

Error: (10/01/2014 04:53:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/01/2014 04:53:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht.

Error: (09/30/2014 07:20:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================
Error: (10/02/2014 11:32:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/02/2014 00:28:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/01/2014 08:56:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/01/2014 04:55:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/30/2014 07:22:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/29/2014 01:39:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GUI.exe1.0.0.14f0fc8d2Normal.dll1.0.0.15280b7f4c00000050009ca66117c01cfdb70db4da4c7C:\Program Files (x86)\GIGABYTE\ET6\GUI.exeC:\Program Files (x86)\GIGABYTE\ET6\Normal.dll4c8b5502-47cd-11e4-9ab0-0c8bfd4e765d

Error: (09/29/2014 01:08:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/28/2014 02:07:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/28/2014 10:55:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: GUI.exe1.0.0.14f0fc8d2Normal.dll1.0.0.15280b7f4c00000050009ca66111c01cfda8fe613d8ccC:\Program Files (x86)\GIGABYTE\ET6\GUI.exeC:\Program Files (x86)\GIGABYTE\ET6\Normal.dll24b1ad32-46ed-11e4-af24-0c8bfd4e765d

Error: (09/27/2014 10:17:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-09-22 18:48:49.903
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-22 18:48:49.862
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-22 18:48:49.819
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-22 18:48:49.777
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-22 18:48:49.047
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-22 18:48:49.005
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-22 18:48:48.962
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-22 18:48:48.920
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-22 18:48:48.246
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-22 18:48:48.204
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\SEBAST~1\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: AMD A10-6800K APU with Radeon(tm) HD Graphics 
Percentage of memory in use: 32%
Total physical RAM: 7367.6 MB
Available physical RAM: 4989.88 MB
Total Pagefile: 14733.38 MB
Available Pagefile: 11724.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (SSD 120 GB) (Fixed) (Total:111.69 GB) (Free:32.57 GB) NTFS
Drive e: (WD Red 4 TB) (Fixed) (Total:3725.9 GB) (Free:2367.78 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: FA67A521)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 3726 GB) (Disk ID: 8A9D30C7)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
Angehängte Dateien
Dateityp: txt FRST.txt (45,7 KB, 126x aufgerufen)
Dateityp: txt Addition.txt (42,7 KB, 123x aufgerufen)

Geändert von krampf (02.10.2014 um 12:16 Uhr)

Alt 02.10.2014, 12:57   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Unbekannter Upload - Standard

Unbekannter Upload



hi,

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________

__________________

Alt 02.10.2014, 13:26   #3
krampf
 
Unbekannter Upload - Standard

Unbekannter Upload



Hallo schrauber,

danke dir für deine Hilfe.

Code:
ATTFilter
12:58:51.0415 0x1574  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
12:58:55.0213 0x1574  ============================================================
12:58:55.0213 0x1574  Current date / time: 2014/10/02 12:58:55.0213
12:58:55.0213 0x1574  SystemInfo:
12:58:55.0213 0x1574  
12:58:55.0213 0x1574  OS Version: 6.1.7601 ServicePack: 1.0
12:58:55.0213 0x1574  Product type: Workstation
12:58:55.0213 0x1574  ComputerName: SEBASTIAN-PC
12:58:55.0213 0x1574  UserName: Sebastian
12:58:55.0213 0x1574  Windows directory: C:\Windows
12:58:55.0213 0x1574  System windows directory: C:\Windows
12:58:55.0213 0x1574  Running under WOW64
12:58:55.0213 0x1574  Processor architecture: Intel x64
12:58:55.0213 0x1574  Number of processors: 4
12:58:55.0213 0x1574  Page size: 0x1000
12:58:55.0213 0x1574  Boot type: Normal boot
12:58:55.0213 0x1574  ============================================================
12:58:55.0266 0x1574  KLMD registered as C:\Windows\system32\drivers\09891588.sys
12:58:55.0966 0x1574  System UUID: {FE78A10A-DE45-D547-1B13-58B4FF0E4953}
12:58:56.0815 0x1574  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:59:05.0257 0x1574  Drive \Device\Harddisk1\DR1 - Size: 0x3A3817D6000 ( 3726.02 Gb ), SectorSize: 0x200, Cylinders: 0x76C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:59:05.0263 0x1574  ============================================================
12:59:05.0263 0x1574  \Device\Harddisk0\DR0:
12:59:05.0263 0x1574  MBR partitions:
12:59:05.0263 0x1574  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:59:05.0263 0x1574  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
12:59:05.0263 0x1574  \Device\Harddisk1\DR1:
12:59:05.0263 0x1574  GPT partitions:
12:59:05.0264 0x1574  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E01FF506-7EB2-4E25-AA8E-B07FB398FC36}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
12:59:05.0264 0x1574  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EAF328F9-814C-40C6-ABC3-6005FCE88F15}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0xD1BCB000
12:59:05.0264 0x1574  MBR partitions:
12:59:05.0264 0x1574  ============================================================
12:59:05.0264 0x1574  C: <-> \Device\Harddisk0\DR0\Partition2
12:59:05.0291 0x1574  E: <-> \Device\Harddisk1\DR1\Partition2
12:59:05.0291 0x1574  ============================================================
12:59:05.0291 0x1574  Initialize success
12:59:05.0291 0x1574  ============================================================
12:59:28.0088 0x19c0  ============================================================
12:59:28.0088 0x19c0  Scan started
12:59:28.0089 0x19c0  Mode: Manual; SigCheck; TDLFS; 
12:59:28.0089 0x19c0  ============================================================
12:59:28.0089 0x19c0  KSN ping started
12:59:30.0761 0x19c0  KSN ping finished: true
12:59:30.0979 0x19c0  ================ Scan system memory ========================
12:59:30.0979 0x19c0  System memory - ok
12:59:30.0980 0x19c0  ================ Scan services =============================
12:59:31.0013 0x19c0  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:59:31.0075 0x19c0  1394ohci - ok
12:59:31.0091 0x19c0  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:59:31.0106 0x19c0  ACPI - ok
12:59:31.0110 0x19c0  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:59:31.0121 0x19c0  AcpiPmi - ok
12:59:31.0126 0x19c0  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:59:31.0135 0x19c0  AdobeARMservice - ok
12:59:31.0156 0x19c0  [ 4ECFCAAE5CB380F58934F0DCF5F64E7F, D82B37E57D93484D7A3CB65470BCD54A578A695F0203A8DD441B1348C1EEA751 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:59:31.0168 0x19c0  AdobeFlashPlayerUpdateSvc - ok
12:59:31.0180 0x19c0  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:59:31.0197 0x19c0  adp94xx - ok
12:59:31.0207 0x19c0  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:59:31.0221 0x19c0  adpahci - ok
12:59:31.0228 0x19c0  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:59:31.0240 0x19c0  adpu320 - ok
12:59:31.0246 0x19c0  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:59:31.0272 0x19c0  AeLookupSvc - ok
12:59:31.0281 0x19c0  [ 2FAD0C11FFD2E47622B06E5D8BC0DBBE, B0508783F40A8964D490E4B15CD33534CCA5D4D9B9AE0481921D975902795C14 ] AEM Service5    C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe
12:59:31.0292 0x19c0  AEM Service5 - detected UnsignedFile.Multi.Generic ( 1 )
12:59:33.0966 0x19c0  Detect skipped due to KSN trusted
12:59:33.0966 0x19c0  AEM Service5 - ok
12:59:33.0979 0x19c0  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
12:59:33.0999 0x19c0  AFD - ok
12:59:34.0003 0x19c0  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
12:59:34.0012 0x19c0  agp440 - ok
12:59:34.0016 0x19c0  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
12:59:34.0028 0x19c0  ALG - ok
12:59:34.0031 0x19c0  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:59:34.0040 0x19c0  aliide - ok
12:59:34.0046 0x19c0  [ 689760C1BDE6C663CAF996F6BFE093BD, 99EE58B532F69323169C58A2FA88F9A3857A96F2111D3F38C84F71826B4FDEBC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:59:34.0063 0x19c0  AMD External Events Utility - ok
12:59:34.0066 0x19c0  AMD FUEL Service - ok
12:59:34.0071 0x19c0  [ 05120427227F6F088ECA75942ED7ACA9, BD25436EB43C6718F5E6A4C3C24831189D3A893DC87AA0ADED993B7C3126F2E9 ] amdhub30        C:\Windows\system32\DRIVERS\amdhub30.sys
12:59:34.0080 0x19c0  amdhub30 - ok
12:59:34.0084 0x19c0  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:59:34.0093 0x19c0  amdide - ok
12:59:34.0097 0x19c0  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
12:59:34.0107 0x19c0  AmdK8 - ok
12:59:34.0382 0x19c0  [ 7A0EEC010B9F5FB20198EF06505AC44F, 8B62E693F82F21342B4B81A9D87850CD63111EA2104A931DBBAF5F41740E859A ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
12:59:34.0716 0x19c0  amdkmdag - ok
12:59:34.0752 0x19c0  [ 3C355B3D0A3FB9FC3A298D0480D673EF, FC69982C900C7803793E57D5E9542DDB81A87DCA180BC992846EFD9376AF0D71 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
12:59:34.0775 0x19c0  amdkmdap - ok
12:59:34.0780 0x19c0  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:59:34.0790 0x19c0  AmdPPM - ok
12:59:34.0795 0x19c0  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:59:34.0806 0x19c0  amdsata - ok
12:59:34.0812 0x19c0  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
12:59:34.0823 0x19c0  amdsbs - ok
12:59:34.0827 0x19c0  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:59:34.0835 0x19c0  amdxata - ok
12:59:34.0843 0x19c0  [ 7DCA2C59491D420947A0B529DB37C7CF, 4673DD141F02801A61FF057BE9DA7FD214C1F9ED31BCB035A8C4E44C579799E4 ] amdxhc          C:\Windows\system32\DRIVERS\amdxhc.sys
12:59:34.0854 0x19c0  amdxhc - ok
12:59:34.0858 0x19c0  [ 172C69FE64D07BDF5CE24146274F8CB8, 0A36069BA7B1E2C8B00E8E611E5F2AEF3A7571FAEA252752577EF9DE11F343DA ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
12:59:34.0868 0x19c0  amd_sata - ok
12:59:34.0873 0x19c0  [ A8FD2F5F3E70BE8FF66D2AFC6B6FB051, E5C9CDBEA96B008F2B73E5151B85867128479FBEEADF2500AB16E3B0692AC030 ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
12:59:34.0880 0x19c0  amd_xata - ok
12:59:34.0894 0x19c0  [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
12:59:34.0910 0x19c0  AntiVirSchedulerService - ok
12:59:34.0920 0x19c0  [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
12:59:34.0933 0x19c0  AntiVirService - ok
12:59:34.0941 0x19c0  [ 5A528A540B1AEE8B1C77ED65094E8CDF, 6E3DE68E630B81425056AB58E64721DD41F56491DD2D281CBB86AA7EF9CAD0E0 ] AODDriver4.2.0  C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys
12:59:34.0963 0x19c0  AODDriver4.2.0 - ok
12:59:34.0967 0x19c0  [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
12:59:34.0976 0x19c0  AODDriver4.3 - ok
12:59:34.0980 0x19c0  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
12:59:35.0004 0x19c0  AppID - ok
12:59:35.0007 0x19c0  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:59:35.0031 0x19c0  AppIDSvc - ok
12:59:35.0036 0x19c0  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
12:59:35.0047 0x19c0  Appinfo - ok
12:59:35.0053 0x19c0  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
12:59:35.0066 0x19c0  AppMgmt - ok
12:59:35.0074 0x19c0  [ A3C7FC7D3FD8B9FA5FD4B8AF903363D3, 2CCB9380839C4E4AD305F61F13CD5A6B2699C85C8338446AE1F88A0B9048FA04 ] APXACC          C:\Windows\system32\DRIVERS\appexDrv.sys
12:59:35.0086 0x19c0  APXACC - ok
12:59:35.0090 0x19c0  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
12:59:35.0100 0x19c0  arc - ok
12:59:35.0105 0x19c0  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:59:35.0114 0x19c0  arcsas - ok
12:59:35.0125 0x19c0  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:59:35.0137 0x19c0  aspnet_state - ok
12:59:35.0140 0x19c0  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:59:35.0164 0x19c0  AsyncMac - ok
12:59:35.0168 0x19c0  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:59:35.0176 0x19c0  atapi - ok
12:59:35.0182 0x19c0  [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
12:59:35.0193 0x19c0  AtiHDAudioService - ok
12:59:35.0210 0x19c0  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:59:35.0246 0x19c0  AudioEndpointBuilder - ok
12:59:35.0262 0x19c0  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:59:35.0298 0x19c0  AudioSrv - ok
12:59:35.0304 0x19c0  [ 4663C5AD76FE8E19592DE808156FA07D, 605827B4A9D6930BC752D124BF75D55D4927B0ABEF881CDE66F3C5CC1DB215FE ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
12:59:35.0314 0x19c0  avgntflt - ok
12:59:35.0319 0x19c0  [ 8902AEC2382A37E9E99A4E0D52DBD42B, 138F2D7E7430132B2C527D413BC845CC467F084F39C232EC3A17DD2A74EE401E ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
12:59:35.0329 0x19c0  avipbb - ok
12:59:35.0335 0x19c0  [ 05ABC09DC0DFA5DF79A0BB39F60636B7, FEDE900D991F1FB40BA0A44E05181A6A506DC8B5F365E78E523CB6DF2CDACC15 ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
12:59:35.0345 0x19c0  Avira.OE.ServiceHost - ok
12:59:35.0349 0x19c0  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
12:59:35.0357 0x19c0  avkmgr - ok
12:59:35.0364 0x19c0  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:59:35.0379 0x19c0  AxInstSV - ok
12:59:35.0390 0x19c0  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
12:59:35.0409 0x19c0  b06bdrv - ok
12:59:35.0417 0x19c0  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:59:35.0432 0x19c0  b57nd60a - ok
12:59:35.0438 0x19c0  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:59:35.0450 0x19c0  BDESVC - ok
12:59:35.0453 0x19c0  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:59:35.0477 0x19c0  Beep - ok
12:59:35.0492 0x19c0  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
12:59:35.0516 0x19c0  BFE - ok
12:59:35.0535 0x19c0  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
12:59:35.0576 0x19c0  BITS - ok
12:59:35.0580 0x19c0  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:59:35.0591 0x19c0  blbdrive - ok
12:59:35.0615 0x19c0  [ E7429ECD0C47CC065EEACF7E9D0E6341, 10D8231E14C908A0949108EB5F84E17BA10ABFC370D0C5F65945B23879AB12BF ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
12:59:35.0644 0x19c0  Bluetooth Device Monitor - ok
12:59:35.0676 0x19c0  [ 0F432B34D80351EFC5E35F14D9798CFD, 591D913E069C1C69212A7742D7182E24E669FE7B50680D8D337F32CF9F72B163 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
12:59:35.0707 0x19c0  Bluetooth Media Service - ok
12:59:35.0735 0x19c0  [ 96924B1D3060B0C0FFD77D01CB234D9F, 2A02EEC4092646A0BD26B8E8BA8B75F82EB6F46003C56C9A838E412006457DD2 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
12:59:35.0762 0x19c0  Bluetooth OBEX Service - ok
12:59:35.0768 0x19c0  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:59:35.0779 0x19c0  bowser - ok
12:59:35.0782 0x19c0  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
12:59:35.0794 0x19c0  BrFiltLo - ok
12:59:35.0796 0x19c0  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
12:59:35.0808 0x19c0  BrFiltUp - ok
12:59:35.0813 0x19c0  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
12:59:35.0826 0x19c0  Browser - ok
12:59:35.0834 0x19c0  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:59:35.0849 0x19c0  Brserid - ok
12:59:35.0853 0x19c0  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:59:35.0865 0x19c0  BrSerWdm - ok
12:59:35.0868 0x19c0  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:59:35.0880 0x19c0  BrUsbMdm - ok
12:59:35.0885 0x19c0  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:59:35.0894 0x19c0  BrUsbSer - ok
12:59:35.0898 0x19c0  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
12:59:35.0908 0x19c0  BthEnum - ok
12:59:35.0913 0x19c0  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
12:59:35.0925 0x19c0  BTHMODEM - ok
12:59:35.0930 0x19c0  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
12:59:35.0944 0x19c0  BthPan - ok
12:59:35.0956 0x19c0  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
12:59:35.0976 0x19c0  BTHPORT - ok
12:59:35.0981 0x19c0  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
12:59:36.0006 0x19c0  bthserv - ok
12:59:36.0010 0x19c0  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
12:59:36.0021 0x19c0  BTHUSB - ok
12:59:36.0026 0x19c0  [ BD64048EE0186D7988943327D677AC84, 436910AEDDBAED02A8E71BA0A96EBDE1906B20AA29F02BE2B20946898B4B0C27 ] btmaudio        C:\Windows\system32\drivers\btmaud.sys
12:59:36.0034 0x19c0  btmaudio - ok
12:59:36.0041 0x19c0  [ 5B8D71504FA8BFA308F6E1169B89D322, 1DC0CF47C5F655EA0F0992020C17A86D05637F55ACBB17380283EBB883A4D14D ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys
12:59:36.0051 0x19c0  btmaux - ok
12:59:36.0081 0x19c0  [ D66F3A4F11E42142722DCF9DC5A451D6, 6576421E24ABB4F0A7B5EFB5CF6F9C6F510AFDD0087415D57A5ABBB0866B3E39 ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys
12:59:36.0113 0x19c0  btmhsf - ok
12:59:36.0121 0x19c0  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:59:36.0147 0x19c0  cdfs - ok
12:59:36.0152 0x19c0  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
12:59:36.0164 0x19c0  cdrom - ok
12:59:36.0170 0x19c0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:59:36.0194 0x19c0  CertPropSvc - ok
12:59:36.0198 0x19c0  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
12:59:36.0210 0x19c0  circlass - ok
12:59:36.0219 0x19c0  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
12:59:36.0233 0x19c0  CLFS - ok
12:59:36.0280 0x19c0  [ EDAD3D6932E4CB7D92F19FEE0238C29D, 8AE3F923CDBBF08ABB401B53D7E743DBD91C64E28AB7A17D7BAB1EF585A8FE4F ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
12:59:36.0332 0x19c0  ClickToRunSvc - ok
12:59:36.0341 0x19c0  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:59:36.0350 0x19c0  clr_optimization_v2.0.50727_32 - ok
12:59:36.0355 0x19c0  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:59:36.0365 0x19c0  clr_optimization_v2.0.50727_64 - ok
12:59:36.0374 0x19c0  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:59:36.0393 0x19c0  clr_optimization_v4.0.30319_32 - ok
12:59:36.0399 0x19c0  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:59:36.0413 0x19c0  clr_optimization_v4.0.30319_64 - ok
12:59:36.0416 0x19c0  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
12:59:36.0426 0x19c0  CmBatt - ok
12:59:36.0429 0x19c0  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:59:36.0437 0x19c0  cmdide - ok
12:59:36.0449 0x19c0  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
12:59:36.0470 0x19c0  CNG - ok
12:59:36.0475 0x19c0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
12:59:36.0483 0x19c0  Compbatt - ok
12:59:36.0486 0x19c0  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
12:59:36.0498 0x19c0  CompositeBus - ok
12:59:36.0501 0x19c0  COMSysApp - ok
12:59:36.0523 0x19c0  cpuz136 - ok
12:59:36.0527 0x19c0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:59:36.0536 0x19c0  crcdisk - ok
12:59:36.0544 0x19c0  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:59:36.0557 0x19c0  CryptSvc - ok
12:59:36.0569 0x19c0  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
12:59:36.0592 0x19c0  CSC - ok
12:59:36.0607 0x19c0  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
12:59:36.0630 0x19c0  CscService - ok
12:59:36.0636 0x19c0  [ 106838084C284C06D01C6C5370F7C5D3, 977096D7C4218E123306FB191C69F6642505DA17D0AE25D6BFFECD029B055BC1 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
12:59:36.0645 0x19c0  dc3d - ok
12:59:36.0659 0x19c0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:59:36.0693 0x19c0  DcomLaunch - ok
12:59:36.0702 0x19c0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:59:36.0731 0x19c0  defragsvc - ok
12:59:36.0736 0x19c0  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:59:36.0761 0x19c0  DfsC - ok
12:59:36.0769 0x19c0  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:59:36.0785 0x19c0  Dhcp - ok
12:59:36.0789 0x19c0  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:59:36.0813 0x19c0  discache - ok
12:59:36.0818 0x19c0  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
12:59:36.0827 0x19c0  Disk - ok
12:59:36.0831 0x19c0  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
12:59:36.0842 0x19c0  dmvsc - ok
12:59:36.0849 0x19c0  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:59:36.0864 0x19c0  Dnscache - ok
12:59:36.0871 0x19c0  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:59:36.0900 0x19c0  dot3svc - ok
12:59:36.0906 0x19c0  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
12:59:36.0933 0x19c0  DPS - ok
12:59:36.0936 0x19c0  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:59:36.0945 0x19c0  drmkaud - ok
12:59:36.0964 0x19c0  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:59:36.0990 0x19c0  DXGKrnl - ok
12:59:36.0997 0x19c0  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:59:37.0023 0x19c0  EapHost - ok
12:59:37.0085 0x19c0  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
12:59:37.0161 0x19c0  ebdrv - ok
12:59:37.0171 0x19c0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
12:59:37.0181 0x19c0  EFS - ok
12:59:37.0196 0x19c0  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:59:37.0220 0x19c0  ehRecvr - ok
12:59:37.0225 0x19c0  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:59:37.0237 0x19c0  ehSched - ok
12:59:37.0250 0x19c0  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
12:59:37.0267 0x19c0  elxstor - ok
12:59:37.0271 0x19c0  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:59:37.0280 0x19c0  ErrDev - ok
12:59:37.0284 0x19c0  [ 84486624268E078255BC7AA47F0960BC, EC2540698B974572F0AC4A93D57C63295BAF66BF50F7416B9DFF5DE790EBDBE7 ] etdrv           C:\Windows\etdrv.sys
12:59:37.0292 0x19c0  etdrv - ok
12:59:37.0304 0x19c0  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:59:37.0336 0x19c0  EventSystem - ok
12:59:37.0340 0x19c0  [ A0539478593A00AA64E600CF7E19F195, BD835D70F3EE9BFEFFABE747AD65BC97C73AD8042F653BF93535277FB0CBD4CE ] EvolveVirtualAdapter C:\Windows\system32\DRIVERS\evolve.sys
12:59:37.0349 0x19c0  EvolveVirtualAdapter - ok
12:59:37.0355 0x19c0  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:59:37.0383 0x19c0  exfat - ok
12:59:37.0392 0x19c0  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:59:37.0427 0x19c0  fastfat - ok
12:59:37.0444 0x19c0  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
12:59:37.0468 0x19c0  Fax - ok
12:59:37.0472 0x19c0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
12:59:37.0482 0x19c0  fdc - ok
12:59:37.0486 0x19c0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:59:37.0511 0x19c0  fdPHost - ok
12:59:37.0514 0x19c0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:59:37.0539 0x19c0  FDResPub - ok
12:59:37.0543 0x19c0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:59:37.0552 0x19c0  FileInfo - ok
12:59:37.0556 0x19c0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:59:37.0581 0x19c0  Filetrace - ok
12:59:37.0584 0x19c0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
12:59:37.0594 0x19c0  flpydisk - ok
12:59:37.0602 0x19c0  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:59:37.0615 0x19c0  FltMgr - ok
12:59:37.0640 0x19c0  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
12:59:37.0674 0x19c0  FontCache - ok
12:59:37.0679 0x19c0  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:59:37.0688 0x19c0  FontCache3.0.0.0 - ok
12:59:37.0693 0x19c0  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:59:37.0702 0x19c0  FsDepends - ok
12:59:37.0706 0x19c0  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:59:37.0715 0x19c0  Fs_Rec - ok
12:59:37.0722 0x19c0  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:59:37.0737 0x19c0  fvevol - ok
12:59:37.0741 0x19c0  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:59:37.0750 0x19c0  gagp30kx - ok
12:59:37.0762 0x19c0  [ 50FFA2F6A5BEC5BB7C39AAB76EEA3C58, E7B0934FF69994F61D9186BF28EE8EAADEB4F64BC6FAE895B2602DAC3B311235 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
12:59:37.0777 0x19c0  Garmin Core Update Service - ok
12:59:37.0781 0x19c0  [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv            C:\Windows\gdrv.sys
12:59:37.0788 0x19c0  gdrv - ok
12:59:37.0977 0x19c0  getbus - ok
12:59:38.0121 0x19c0  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:59:38.0160 0x19c0  gpsvc - ok
12:59:38.0165 0x19c0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:59:38.0174 0x19c0  gupdate - ok
12:59:38.0179 0x19c0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:59:38.0187 0x19c0  gupdatem - ok
12:59:38.0191 0x19c0  [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64        C:\Windows\GVTDrv64.sys
12:59:38.0199 0x19c0  GVTDrv64 - ok
12:59:38.0205 0x19c0  [ 6E02DDFFA0E8C069A92A0888B0CB8415, 44816EA24121AD0C9EB8048BED9250D7992CD0C0ABA69C3269A633D48297B7A7 ] hcmon           C:\Windows\system32\drivers\hcmon.sys
12:59:38.0214 0x19c0  hcmon - ok
12:59:38.0217 0x19c0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:59:38.0227 0x19c0  hcw85cir - ok
12:59:38.0236 0x19c0  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:59:38.0254 0x19c0  HdAudAddService - ok
12:59:38.0259 0x19c0  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:59:38.0273 0x19c0  HDAudBus - ok
12:59:38.0276 0x19c0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
12:59:38.0286 0x19c0  HidBatt - ok
12:59:38.0290 0x19c0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:59:38.0303 0x19c0  HidBth - ok
12:59:38.0308 0x19c0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
12:59:38.0320 0x19c0  HidIr - ok
12:59:38.0323 0x19c0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
12:59:38.0348 0x19c0  hidserv - ok
12:59:38.0352 0x19c0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:59:38.0362 0x19c0  HidUsb - ok
12:59:38.0366 0x19c0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:59:38.0391 0x19c0  hkmsvc - ok
12:59:38.0398 0x19c0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:59:38.0412 0x19c0  HomeGroupListener - ok
12:59:38.0418 0x19c0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:59:38.0432 0x19c0  HomeGroupProvider - ok
12:59:38.0436 0x19c0  [ 86724A200BF1F08A03FB563660FCD928, E2BDD30D7AFECB0F517BB02C788C93D506FB2B180DCA239BC4A1FEDB1E986EAD ] HP DS Service   C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
12:59:38.0440 0x19c0  HP DS Service - detected UnsignedFile.Multi.Generic ( 1 )
12:59:41.0102 0x19c0  Detect skipped due to KSN trusted
12:59:41.0102 0x19c0  HP DS Service - ok
12:59:41.0108 0x19c0  [ 9C42E435F629CD8512BECFA082762425, BC817D05E5B8BE05CAB05F075A2C0B3CCF39E6BBD924BD0040C698F4D4580677 ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
12:59:41.0115 0x19c0  HP LaserJet Service - detected UnsignedFile.Multi.Generic ( 1 )
12:59:43.0882 0x19c0  Detect skipped due to KSN trusted
12:59:43.0882 0x19c0  HP LaserJet Service - ok
12:59:43.0886 0x19c0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:59:43.0896 0x19c0  HpSAMD - ok
12:59:43.0912 0x19c0  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:59:43.0951 0x19c0  HTTP - ok
12:59:43.0957 0x19c0  [ D7E0591E2BA1289C875A9D948377441E, 9FDBC10A4FBCE2E9521DF84E177A08530DF6FBF1F830B3D3788367DF8F8ED327 ] HWiNFO32        C:\Windows\system32\drivers\HWiNFO64A.SYS
12:59:43.0965 0x19c0  HWiNFO32 - ok
12:59:43.0968 0x19c0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:59:43.0976 0x19c0  hwpolicy - ok
12:59:43.0981 0x19c0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:59:43.0992 0x19c0  i8042prt - ok
12:59:44.0004 0x19c0  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:59:44.0019 0x19c0  iaStorV - ok
12:59:44.0027 0x19c0  [ 42AC8F419412AFEB326C411DB1753C2F, 949D99261207502D8CAB6715980D584018BE9EAFE15C0ACF7FDAD25121BD42B4 ] ibtusb          C:\Windows\system32\DRIVERS\ibtusb.sys
12:59:44.0037 0x19c0  ibtusb - ok
12:59:44.0043 0x19c0  [ 33D4D4A24791587E83F7EE05A446FB7E, 081E48AF76D7D3A71850A4C910EFBB0B280235E2A5303178B0338230F4BA2DE2 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
12:59:44.0050 0x19c0  ICCS - detected UnsignedFile.Multi.Generic ( 1 )
12:59:46.0807 0x19c0  Detect skipped due to KSN trusted
12:59:46.0807 0x19c0  ICCS - ok
12:59:46.0812 0x19c0  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:59:46.0817 0x19c0  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
12:59:49.0654 0x19c0  Detect skipped due to KSN trusted
12:59:49.0654 0x19c0  IDriverT - ok
12:59:49.0675 0x19c0  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:59:49.0698 0x19c0  idsvc - ok
12:59:49.0703 0x19c0  IEEtwCollectorService - ok
12:59:49.0707 0x19c0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:59:49.0716 0x19c0  iirsp - ok
12:59:49.0735 0x19c0  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
12:59:49.0763 0x19c0  IKEEXT - ok
12:59:49.0841 0x19c0  [ 07E34A18AB9DAD1F680B1066D9782BFB, 62285189743CAA57B0108D8D4A197E5BB22143311026AD4AC5BA7BBEA7DC4299 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:59:49.0916 0x19c0  IntcAzAudAddService - ok
12:59:49.0924 0x19c0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:59:49.0933 0x19c0  intelide - ok
12:59:49.0937 0x19c0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
12:59:49.0947 0x19c0  intelppm - ok
12:59:49.0952 0x19c0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:59:49.0978 0x19c0  IPBusEnum - ok
12:59:49.0982 0x19c0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:59:50.0007 0x19c0  IpFilterDriver - ok
12:59:50.0021 0x19c0  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:59:50.0042 0x19c0  iphlpsvc - ok
12:59:50.0047 0x19c0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:59:50.0058 0x19c0  IPMIDRV - ok
12:59:50.0062 0x19c0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:59:50.0088 0x19c0  IPNAT - ok
12:59:50.0092 0x19c0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:59:50.0104 0x19c0  IRENUM - ok
12:59:50.0107 0x19c0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:59:50.0116 0x19c0  isapnp - ok
12:59:50.0125 0x19c0  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:59:50.0137 0x19c0  iScsiPrt - ok
12:59:50.0142 0x19c0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:59:50.0151 0x19c0  kbdclass - ok
12:59:50.0154 0x19c0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:59:50.0164 0x19c0  kbdhid - ok
12:59:50.0168 0x19c0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
12:59:50.0178 0x19c0  KeyIso - ok
12:59:50.0183 0x19c0  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:59:50.0192 0x19c0  KSecDD - ok
12:59:50.0198 0x19c0  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:59:50.0209 0x19c0  KSecPkg - ok
12:59:50.0212 0x19c0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:59:50.0237 0x19c0  ksthunk - ok
12:59:50.0248 0x19c0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:59:50.0279 0x19c0  KtmRm - ok
12:59:50.0287 0x19c0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:59:50.0315 0x19c0  LanmanServer - ok
12:59:50.0320 0x19c0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:59:50.0347 0x19c0  LanmanWorkstation - ok
12:59:50.0353 0x19c0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:59:50.0378 0x19c0  lltdio - ok
12:59:50.0387 0x19c0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:59:50.0417 0x19c0  lltdsvc - ok
12:59:50.0421 0x19c0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:59:50.0446 0x19c0  lmhosts - ok
12:59:50.0452 0x19c0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:59:50.0462 0x19c0  LSI_FC - ok
12:59:50.0466 0x19c0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:59:50.0476 0x19c0  LSI_SAS - ok
12:59:50.0481 0x19c0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
12:59:50.0490 0x19c0  LSI_SAS2 - ok
12:59:50.0495 0x19c0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:59:50.0506 0x19c0  LSI_SCSI - ok
12:59:50.0511 0x19c0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:59:50.0537 0x19c0  luafv - ok
12:59:50.0541 0x19c0  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:59:50.0553 0x19c0  Mcx2Svc - ok
12:59:50.0557 0x19c0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
12:59:50.0566 0x19c0  megasas - ok
12:59:50.0574 0x19c0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
12:59:50.0587 0x19c0  MegaSR - ok
12:59:50.0592 0x19c0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:59:50.0619 0x19c0  MMCSS - ok
12:59:50.0622 0x19c0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:59:50.0647 0x19c0  Modem - ok
12:59:50.0650 0x19c0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:59:50.0662 0x19c0  monitor - ok
12:59:50.0666 0x19c0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:59:50.0675 0x19c0  mouclass - ok
12:59:50.0678 0x19c0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:59:50.0688 0x19c0  mouhid - ok
12:59:50.0693 0x19c0  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:59:50.0702 0x19c0  mountmgr - ok
12:59:50.0710 0x19c0  [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
12:59:50.0725 0x19c0  MpFilter - ok
12:59:50.0731 0x19c0  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:59:50.0741 0x19c0  mpio - ok
12:59:50.0746 0x19c0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:59:50.0771 0x19c0  mpsdrv - ok
12:59:50.0789 0x19c0  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:59:50.0829 0x19c0  MpsSvc - ok
12:59:50.0836 0x19c0  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:59:50.0848 0x19c0  MRxDAV - ok
12:59:50.0855 0x19c0  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:59:50.0869 0x19c0  mrxsmb - ok
12:59:50.0879 0x19c0  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:59:50.0893 0x19c0  mrxsmb10 - ok
12:59:50.0899 0x19c0  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:59:50.0911 0x19c0  mrxsmb20 - ok
12:59:50.0914 0x19c0  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:59:50.0923 0x19c0  msahci - ok
12:59:50.0928 0x19c0  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:59:50.0939 0x19c0  msdsm - ok
12:59:50.0944 0x19c0  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:59:50.0957 0x19c0  MSDTC - ok
12:59:50.0964 0x19c0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:59:50.0989 0x19c0  Msfs - ok
12:59:50.0992 0x19c0  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:59:51.0016 0x19c0  mshidkmdf - ok
12:59:51.0019 0x19c0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:59:51.0027 0x19c0  msisadrv - ok
12:59:51.0033 0x19c0  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:59:51.0061 0x19c0  MSiSCSI - ok
12:59:51.0064 0x19c0  msiserver - ok
12:59:51.0067 0x19c0  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:59:51.0091 0x19c0  MSKSSRV - ok
12:59:51.0095 0x19c0  [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
12:59:51.0105 0x19c0  MsMpSvc - ok
12:59:51.0108 0x19c0  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:59:51.0132 0x19c0  MSPCLOCK - ok
12:59:51.0135 0x19c0  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:59:51.0159 0x19c0  MSPQM - ok
12:59:51.0168 0x19c0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:59:51.0182 0x19c0  MsRPC - ok
12:59:51.0187 0x19c0  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:59:51.0196 0x19c0  mssmbios - ok
12:59:51.0199 0x19c0  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:59:51.0223 0x19c0  MSTEE - ok
12:59:51.0226 0x19c0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
12:59:51.0236 0x19c0  MTConfig - ok
12:59:51.0240 0x19c0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:59:51.0249 0x19c0  Mup - ok
12:59:51.0260 0x19c0  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
12:59:51.0293 0x19c0  napagent - ok
12:59:51.0302 0x19c0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:59:51.0321 0x19c0  NativeWifiP - ok
12:59:51.0342 0x19c0  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:59:51.0367 0x19c0  NDIS - ok
12:59:51.0372 0x19c0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:59:51.0396 0x19c0  NdisCap - ok
12:59:51.0399 0x19c0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:59:51.0423 0x19c0  NdisTapi - ok
12:59:51.0427 0x19c0  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:59:51.0450 0x19c0  Ndisuio - ok
12:59:51.0456 0x19c0  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:59:51.0481 0x19c0  NdisWan - ok
12:59:51.0485 0x19c0  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:59:51.0509 0x19c0  NDProxy - ok
12:59:51.0513 0x19c0  [ 2C723E42FC8D7B0209492828F921FB50, 2ECF9F4D91F317432FB5A6D01D8271BB7E2A5B8A6CA9EF2F2036890D2B072E52 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
12:59:51.0518 0x19c0  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
12:59:54.0201 0x19c0  Detect skipped due to KSN trusted
12:59:54.0201 0x19c0  Net Driver HPZ12 - ok
12:59:54.0204 0x19c0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:59:54.0228 0x19c0  NetBIOS - ok
12:59:54.0235 0x19c0  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:59:54.0263 0x19c0  NetBT - ok
12:59:54.0267 0x19c0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
12:59:54.0277 0x19c0  Netlogon - ok
12:59:54.0286 0x19c0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:59:54.0318 0x19c0  Netman - ok
12:59:54.0327 0x19c0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:59:54.0340 0x19c0  NetMsmqActivator - ok
12:59:54.0344 0x19c0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:59:54.0356 0x19c0  NetPipeActivator - ok
12:59:54.0368 0x19c0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:59:54.0401 0x19c0  netprofm - ok
12:59:54.0407 0x19c0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:59:54.0418 0x19c0  NetTcpActivator - ok
12:59:54.0423 0x19c0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:59:54.0435 0x19c0  NetTcpPortSharing - ok
12:59:54.0505 0x19c0  [ C765243896D8D734FD667AE42B0FB40B, B2D00B0D82450C4EA191D241D538D839400214C587CCB3FE3EE99709093825E1 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwsw02.sys
12:59:54.0576 0x19c0  NETwNs64 - ok
12:59:54.0586 0x19c0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:59:54.0594 0x19c0  nfrd960 - ok
12:59:54.0600 0x19c0  [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:59:54.0611 0x19c0  NisDrv - ok
12:59:54.0620 0x19c0  [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
12:59:54.0636 0x19c0  NisSrv - ok
12:59:54.0645 0x19c0  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:59:54.0661 0x19c0  NlaSvc - ok
12:59:54.0665 0x19c0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:59:54.0690 0x19c0  Npfs - ok
12:59:54.0693 0x19c0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:59:54.0718 0x19c0  nsi - ok
12:59:54.0721 0x19c0  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:59:54.0745 0x19c0  nsiproxy - ok
12:59:54.0779 0x19c0  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:59:54.0817 0x19c0  Ntfs - ok
12:59:54.0823 0x19c0  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:59:54.0846 0x19c0  Null - ok
12:59:54.0852 0x19c0  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:59:54.0863 0x19c0  nvraid - ok
12:59:54.0869 0x19c0  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:59:54.0880 0x19c0  nvstor - ok
12:59:54.0884 0x19c0  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:59:54.0895 0x19c0  nv_agp - ok
12:59:54.0899 0x19c0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:59:54.0909 0x19c0  ohci1394 - ok
12:59:54.0915 0x19c0  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:59:54.0925 0x19c0  ose - ok
12:59:55.0017 0x19c0  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:59:55.0116 0x19c0  osppsvc - ok
12:59:55.0133 0x19c0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:59:55.0149 0x19c0  p2pimsvc - ok
12:59:55.0160 0x19c0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:59:55.0178 0x19c0  p2psvc - ok
12:59:55.0183 0x19c0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
12:59:55.0194 0x19c0  Parport - ok
12:59:55.0199 0x19c0  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:59:55.0208 0x19c0  partmgr - ok
12:59:55.0214 0x19c0  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:59:55.0231 0x19c0  PcaSvc - ok
12:59:55.0237 0x19c0  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
12:59:55.0248 0x19c0  pci - ok
12:59:55.0251 0x19c0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:59:55.0260 0x19c0  pciide - ok
12:59:55.0266 0x19c0  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:59:55.0278 0x19c0  pcmcia - ok
12:59:55.0282 0x19c0  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:59:55.0291 0x19c0  pcw - ok
12:59:55.0327 0x19c0  [ D0AD1271494EB9E065E902D1013BC369, 0E4DB28B5C348DF44BADC64FB8BCDA563D0515A75F0F14FD076BC39AF19BD65F ] PDF Architect 2 C:\Program Files (x86)\PDF Architect 2\ws.exe
12:59:55.0365 0x19c0  PDF Architect 2 - ok
12:59:55.0384 0x19c0  [ 835E1A0AB522271FFA66E40875AB649A, EBAD6126E16593B1BEB6958772A04A8CF46B587D494E8DA2349636BF93E6900C ] PDF Architect 2 Creator C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
12:59:55.0404 0x19c0  PDF Architect 2 Creator - ok
12:59:55.0424 0x19c0  [ 89436BB836F6737F19EB2B78250E414E, 9140F42CACDDC0979B90553D43A1FA1296DD829E6235D272F9DF3670613445CF ] pdfforge CrashHandler C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
12:59:55.0446 0x19c0  pdfforge CrashHandler - ok
12:59:55.0460 0x19c0  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:59:55.0497 0x19c0  PEAUTH - ok
12:59:55.0527 0x19c0  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
12:59:55.0564 0x19c0  PeerDistSvc - ok
12:59:55.0582 0x19c0  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:59:55.0592 0x19c0  PerfHost - ok
12:59:55.0623 0x19c0  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
12:59:55.0677 0x19c0  pla - ok
12:59:55.0691 0x19c0  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:59:55.0710 0x19c0  PlugPlay - ok
12:59:55.0714 0x19c0  [ 171E6D91A20AAC8D02172A64E82CE90B, 0D51F00D6C0376CD12893620E0A15E687263048CFE20E953F6BB4B7D6CDC3F50 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:59:55.0720 0x19c0  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
12:59:58.0380 0x19c0  Detect skipped due to KSN trusted
12:59:58.0381 0x19c0  Pml Driver HPZ12 - ok
12:59:58.0384 0x19c0  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:59:58.0395 0x19c0  PNRPAutoReg - ok
12:59:58.0404 0x19c0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:59:58.0420 0x19c0  PNRPsvc - ok
12:59:58.0425 0x19c0  [ 8E0ACA1C5D6516E5E2E7A7AA5D44D704, 9CCE2FCBEDD21E1EA4A0476B4886DC6C6493CCBAB27AF23E83B0B0B646D8C520 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
12:59:58.0434 0x19c0  Point64 - ok
12:59:58.0446 0x19c0  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:59:58.0479 0x19c0  PolicyAgent - ok
12:59:58.0488 0x19c0  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:59:58.0516 0x19c0  Power - ok
12:59:58.0521 0x19c0  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:59:58.0546 0x19c0  PptpMiniport - ok
12:59:58.0550 0x19c0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
12:59:58.0560 0x19c0  Processor - ok
12:59:58.0567 0x19c0  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:59:58.0582 0x19c0  ProfSvc - ok
12:59:58.0586 0x19c0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:59:58.0596 0x19c0  ProtectedStorage - ok
12:59:58.0601 0x19c0  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:59:58.0627 0x19c0  Psched - ok
12:59:58.0656 0x19c0  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:59:58.0692 0x19c0  ql2300 - ok
12:59:58.0700 0x19c0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:59:58.0711 0x19c0  ql40xx - ok
12:59:58.0720 0x19c0  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:59:58.0738 0x19c0  QWAVE - ok
12:59:58.0742 0x19c0  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:59:58.0756 0x19c0  QWAVEdrv - ok
12:59:58.0759 0x19c0  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:59:58.0783 0x19c0  RasAcd - ok
12:59:58.0789 0x19c0  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:59:58.0813 0x19c0  RasAgileVpn - ok
12:59:58.0819 0x19c0  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:59:58.0846 0x19c0  RasAuto - ok
12:59:58.0851 0x19c0  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:59:58.0878 0x19c0  Rasl2tp - ok
12:59:58.0893 0x19c0  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
12:59:58.0924 0x19c0  RasMan - ok
12:59:58.0929 0x19c0  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:59:58.0957 0x19c0  RasPppoe - ok
12:59:58.0962 0x19c0  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:59:58.0988 0x19c0  RasSstp - ok
12:59:58.0996 0x19c0  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:59:59.0025 0x19c0  rdbss - ok
12:59:59.0029 0x19c0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:59:59.0040 0x19c0  rdpbus - ok
12:59:59.0044 0x19c0  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:59:59.0068 0x19c0  RDPCDD - ok
12:59:59.0076 0x19c0  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
12:59:59.0088 0x19c0  RDPDR - ok
12:59:59.0092 0x19c0  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:59:59.0116 0x19c0  RDPENCDD - ok
12:59:59.0121 0x19c0  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:59:59.0145 0x19c0  RDPREFMP - ok
12:59:59.0153 0x19c0  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:59:59.0166 0x19c0  RDPWD - ok
12:59:59.0173 0x19c0  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:59:59.0186 0x19c0  rdyboost - ok
12:59:59.0192 0x19c0  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:59:59.0218 0x19c0  RemoteAccess - ok
12:59:59.0225 0x19c0  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:59:59.0253 0x19c0  RemoteRegistry - ok
12:59:59.0260 0x19c0  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
12:59:59.0274 0x19c0  RFCOMM - ok
12:59:59.0279 0x19c0  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:59:59.0305 0x19c0  RpcEptMapper - ok
12:59:59.0309 0x19c0  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
12:59:59.0319 0x19c0  RpcLocator - ok
12:59:59.0333 0x19c0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
12:59:59.0367 0x19c0  RpcSs - ok
12:59:59.0372 0x19c0  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:59:59.0397 0x19c0  rspndr - ok
12:59:59.0413 0x19c0  [ 7F4F11527AF5A7E4526CB6A146B3E40C, 705177014374AB2F12AF4558344C35C206C2820BD1A16770173EA10D094D182B ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
12:59:59.0432 0x19c0  RTL8167 - ok
12:59:59.0437 0x19c0  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
12:59:59.0446 0x19c0  s3cap - ok
12:59:59.0450 0x19c0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
12:59:59.0460 0x19c0  SamSs - ok
12:59:59.0465 0x19c0  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:59:59.0475 0x19c0  sbp2port - ok
12:59:59.0483 0x19c0  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:59:59.0511 0x19c0  SCardSvr - ok
12:59:59.0515 0x19c0  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:59:59.0539 0x19c0  scfilter - ok
12:59:59.0561 0x19c0  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
12:59:59.0607 0x19c0  Schedule - ok
12:59:59.0614 0x19c0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:59:59.0639 0x19c0  SCPolicySvc - ok
12:59:59.0646 0x19c0  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:59:59.0659 0x19c0  SDRSVC - ok
12:59:59.0663 0x19c0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:59:59.0687 0x19c0  secdrv - ok
12:59:59.0691 0x19c0  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
12:59:59.0715 0x19c0  seclogon - ok
12:59:59.0723 0x19c0  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
12:59:59.0748 0x19c0  SENS - ok
12:59:59.0752 0x19c0  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:59:59.0763 0x19c0  SensrSvc - ok
12:59:59.0766 0x19c0  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:59:59.0776 0x19c0  Serenum - ok
12:59:59.0781 0x19c0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:59:59.0792 0x19c0  Serial - ok
12:59:59.0796 0x19c0  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:59:59.0806 0x19c0  sermouse - ok
12:59:59.0817 0x19c0  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
12:59:59.0843 0x19c0  SessionEnv - ok
12:59:59.0847 0x19c0  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:59:59.0859 0x19c0  sffdisk - ok
12:59:59.0862 0x19c0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:59:59.0874 0x19c0  sffp_mmc - ok
12:59:59.0878 0x19c0  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:59:59.0889 0x19c0  sffp_sd - ok
12:59:59.0893 0x19c0  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
12:59:59.0903 0x19c0  sfloppy - ok
12:59:59.0913 0x19c0  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:59:59.0944 0x19c0  SharedAccess - ok
12:59:59.0955 0x19c0  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:59:59.0986 0x19c0  ShellHWDetection - ok
12:59:59.0990 0x19c0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
12:59:59.0999 0x19c0  SiSRaid2 - ok
13:00:00.0004 0x19c0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:00:00.0013 0x19c0  SiSRaid4 - ok
13:00:00.0021 0x19c0  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:00:00.0033 0x19c0  SkypeUpdate - ok
13:00:00.0038 0x19c0  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:00:00.0064 0x19c0  Smb - ok
13:00:00.0071 0x19c0  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:00:00.0082 0x19c0  SNMPTRAP - ok
13:00:00.0086 0x19c0  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\syswow64\speedfan.sys
13:00:00.0096 0x19c0  speedfan - ok
13:00:00.0099 0x19c0  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:00:00.0108 0x19c0  spldr - ok
13:00:00.0123 0x19c0  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
13:00:00.0144 0x19c0  Spooler - ok
13:00:00.0210 0x19c0  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
13:00:00.0305 0x19c0  sppsvc - ok
13:00:00.0314 0x19c0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:00:00.0340 0x19c0  sppuinotify - ok
13:00:00.0353 0x19c0  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:00:00.0372 0x19c0  srv - ok
13:00:00.0384 0x19c0  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:00:00.0401 0x19c0  srv2 - ok
13:00:00.0409 0x19c0  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:00:00.0421 0x19c0  srvnet - ok
13:00:00.0427 0x19c0  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:00:00.0455 0x19c0  SSDPSRV - ok
13:00:00.0460 0x19c0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:00:00.0486 0x19c0  SstpSvc - ok
13:00:00.0491 0x19c0  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:00:00.0500 0x19c0  stexstor - ok
13:00:00.0515 0x19c0  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
13:00:00.0540 0x19c0  stisvc - ok
13:00:00.0545 0x19c0  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
13:00:00.0554 0x19c0  storflt - ok
13:00:00.0558 0x19c0  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
13:00:00.0568 0x19c0  StorSvc - ok
13:00:00.0573 0x19c0  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
13:00:00.0582 0x19c0  storvsc - ok
13:00:00.0586 0x19c0  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:00:00.0595 0x19c0  swenum - ok
13:00:00.0608 0x19c0  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
13:00:00.0643 0x19c0  swprv - ok
13:00:00.0677 0x19c0  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
13:00:00.0725 0x19c0  SysMain - ok
13:00:00.0737 0x19c0  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:00:00.0752 0x19c0  TabletInputService - ok
13:00:00.0761 0x19c0  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:00:00.0792 0x19c0  TapiSrv - ok
13:00:00.0796 0x19c0  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
13:00:00.0822 0x19c0  TBS - ok
13:00:00.0863 0x19c0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:00:00.0905 0x19c0  Tcpip - ok
13:00:00.0946 0x19c0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:00:00.0988 0x19c0  TCPIP6 - ok
13:00:00.0996 0x19c0  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:00:01.0006 0x19c0  tcpipreg - ok
13:00:01.0011 0x19c0  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:00:01.0021 0x19c0  TDPIPE - ok
13:00:01.0025 0x19c0  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:00:01.0034 0x19c0  TDTCP - ok
13:00:01.0039 0x19c0  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:00:01.0064 0x19c0  tdx - ok
13:00:01.0152 0x19c0  [ 4ACFC5853A3F0C6C2F54E537C23EE90F, 47D81F471A250696A1A0D19294FC553EB88D813612A8351C89F65D7BF99C8532 ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
13:00:01.0245 0x19c0  TeamViewer9 - ok
13:00:01.0257 0x19c0  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:00:01.0267 0x19c0  TermDD - ok
13:00:01.0283 0x19c0  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
13:00:01.0321 0x19c0  TermService - ok
13:00:01.0326 0x19c0  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
13:00:01.0340 0x19c0  Themes - ok
13:00:01.0345 0x19c0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
13:00:01.0370 0x19c0  THREADORDER - ok
13:00:01.0376 0x19c0  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
13:00:01.0403 0x19c0  TrkWks - ok
13:00:01.0409 0x19c0  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:00:01.0436 0x19c0  TrustedInstaller - ok
13:00:01.0442 0x19c0  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:00:01.0451 0x19c0  tssecsrv - ok
13:00:01.0456 0x19c0  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:00:01.0466 0x19c0  TsUsbFlt - ok
13:00:01.0470 0x19c0  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
13:00:01.0479 0x19c0  TsUsbGD - ok
13:00:01.0524 0x19c0  [ CDAD7034AF9562835F29FB50A5F54832, CEBEAAF387A6B6A7CE20839E29988F47A7CD381BEDD8B127ECD5E0548BCC68FA ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
13:00:01.0568 0x19c0  TuneUp.UtilitiesSvc - ok
13:00:01.0575 0x19c0  [ 45427C4B8CAC6B241478F149B935CD80, 7F772D6D00D1ADD394F5907804661C75780EE9F8DF21EF0719D3E4ABA00092B7 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys
13:00:01.0584 0x19c0  TuneUpUtilitiesDrv - ok
13:00:01.0589 0x19c0  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:00:01.0615 0x19c0  tunnel - ok
13:00:01.0620 0x19c0  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:00:01.0630 0x19c0  uagp35 - ok
13:00:01.0639 0x19c0  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:00:01.0669 0x19c0  udfs - ok
13:00:01.0677 0x19c0  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:00:01.0688 0x19c0  UI0Detect - ok
13:00:01.0692 0x19c0  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:00:01.0702 0x19c0  uliagpkx - ok
13:00:01.0706 0x19c0  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:00:01.0716 0x19c0  umbus - ok
13:00:01.0720 0x19c0  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
13:00:01.0729 0x19c0  UmPass - ok
13:00:01.0736 0x19c0  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
13:00:01.0753 0x19c0  UmRdpService - ok
13:00:01.0763 0x19c0  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
13:00:01.0795 0x19c0  upnphost - ok
13:00:01.0803 0x19c0  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:00:01.0813 0x19c0  usbccgp - ok
13:00:01.0819 0x19c0  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:00:01.0830 0x19c0  usbcir - ok
13:00:01.0836 0x19c0  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:00:01.0845 0x19c0  usbehci - ok
13:00:01.0850 0x19c0  [ 5A4AC5D05A7C97C68596416C05D6F2B4, 1CDE5172B763D2D65379B9F3ABACC080AF676DB9354EC98A455E620C4CE3E18A ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
13:00:01.0859 0x19c0  usbfilter - ok
13:00:01.0869 0x19c0  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:00:01.0887 0x19c0  usbhub - ok
13:00:01.0891 0x19c0  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
13:00:01.0901 0x19c0  usbohci - ok
13:00:01.0905 0x19c0  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
13:00:01.0916 0x19c0  usbprint - ok
13:00:01.0922 0x19c0  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:00:01.0933 0x19c0  USBSTOR - ok
13:00:01.0938 0x19c0  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
13:00:01.0947 0x19c0  usbuhci - ok
13:00:01.0953 0x19c0  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
13:00:01.0979 0x19c0  UxSms - ok
13:00:01.0984 0x19c0  [ F136966EB7D751075AE020D85F718F59, 8DFF4F8584F1AC5A9D9E5D6D4986657916E9C51B1809A22D155FB7208039EC90 ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
13:00:01.0993 0x19c0  UxTuneUp - ok
13:00:01.0997 0x19c0  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
13:00:02.0007 0x19c0  VaultSvc - ok
13:00:02.0011 0x19c0  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:00:02.0020 0x19c0  vdrvroot - ok
13:00:02.0033 0x19c0  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
13:00:02.0067 0x19c0  vds - ok
13:00:02.0072 0x19c0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:00:02.0084 0x19c0  vga - ok
13:00:02.0087 0x19c0  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:00:02.0112 0x19c0  VgaSave - ok
13:00:02.0118 0x19c0  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:00:02.0131 0x19c0  vhdmp - ok
13:00:02.0135 0x19c0  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:00:02.0143 0x19c0  viaide - ok
13:00:02.0149 0x19c0  [ 549CD7035F5CF5CEE4DE11539C9715F4, 6FED4D5161420890A92C3B811B4CBD18A1A106D5F5E674166E538E65A1C68E04 ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
13:00:02.0157 0x19c0  VMAuthdService - ok
13:00:02.0164 0x19c0  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
13:00:02.0176 0x19c0  vmbus - ok
13:00:02.0180 0x19c0  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
13:00:02.0190 0x19c0  VMBusHID - ok
13:00:02.0195 0x19c0  [ BE8E5E5D53ACF71D4E8E686B68C99B04, 4F30A360095FCB2627068FA6A65A951688058E8FDDF5CE895E2AE39500A413B1 ] vmci            C:\Windows\system32\DRIVERS\vmci.sys
13:00:02.0204 0x19c0  vmci - ok
13:00:02.0208 0x19c0  [ CCB2A61113D093B9B5CCCF1D60D65E7A, 4459DD26ACF1B7675016B16BA02814E2A35FE862DEDA31AC7110CE2C2E3947AA ] vmkbd           C:\Windows\system32\drivers\VMkbd.sys
13:00:02.0216 0x19c0  vmkbd - ok
13:00:02.0220 0x19c0  [ 18AA5F4A3B1204AD00045EE5AD39BCDB, 0211A8E94F169A2A52CD39CD580293907EBE104E52038DC36B988DE1CA7F2392 ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
13:00:02.0227 0x19c0  VMnetAdapter - ok
13:00:02.0232 0x19c0  [ 04CD4347CD9E8C40F78AD51F7FF426D0, BCA3E593E118BCA30142B23CD1CBE6905442D31C3DEB4C71B06D721E601F7BD8 ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys
13:00:02.0240 0x19c0  VMnetBridge - ok
13:00:02.0244 0x19c0  VMnetDHCP - ok
13:00:02.0248 0x19c0  [ 668C12E04D5AB4981864B12494AF907F, 20D94E5E060EB04558B39B33A81C989D7F9DB52C7378FECF9D430F1DC385E4E0 ] VMnetuserif     C:\Windows\system32\drivers\vmnetuserif.sys
13:00:02.0256 0x19c0  VMnetuserif - ok
13:00:02.0262 0x19c0  [ F347A28F63162FF82BDDAADC14935BA4, 44C11B483CCA161E7097ED74C819464FE99C1E6AA9B1AB6A637BACDA6EF48519 ] vmusb           C:\Windows\system32\DRIVERS\vmusb.sys
13:00:02.0269 0x19c0  vmusb - ok
13:00:02.0290 0x19c0  [ 093B967896BA9EF2ADFCD75E185B9DA9, 3D6F5FF56311D4B506D02F77620B80EDB54E6E560BDF53AC9F3CDBB037D0ACA0 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
13:00:02.0313 0x19c0  VMUSBArbService - ok
13:00:02.0319 0x19c0  VMware NAT Service - ok
13:00:02.0325 0x19c0  [ EBAC38A198308359FD89C10704265E5E, 7C234FE34D6A65D754F8B2EA0458365997CF97B88779B01551E5227910943224 ] vmx86           C:\Windows\system32\drivers\vmx86.sys
13:00:02.0333 0x19c0  vmx86 - ok
13:00:02.0338 0x19c0  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:00:02.0347 0x19c0  volmgr - ok
13:00:02.0357 0x19c0  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:00:02.0371 0x19c0  volmgrx - ok
13:00:02.0380 0x19c0  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:00:02.0395 0x19c0  volsnap - ok
13:00:02.0402 0x19c0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:00:02.0415 0x19c0  vsmraid - ok
13:00:02.0424 0x19c0  [ CB4D2E3C5E8BFA3CF6AFFF6DDC6CC70D, 32A891045AF36FEAC62373894B98ABDCEA437978BDE027169C22EBC2C72D586E ] vsock           C:\Windows\system32\drivers\vsock.sys
13:00:02.0433 0x19c0  vsock - ok
13:00:02.0465 0x19c0  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
13:00:02.0521 0x19c0  VSS - ok
13:00:02.0527 0x19c0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
13:00:02.0538 0x19c0  vwifibus - ok
13:00:02.0543 0x19c0  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:00:02.0557 0x19c0  vwififlt - ok
13:00:02.0561 0x19c0  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
13:00:02.0574 0x19c0  vwifimp - ok
13:00:02.0586 0x19c0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
13:00:02.0622 0x19c0  W32Time - ok
13:00:02.0628 0x19c0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:00:02.0640 0x19c0  WacomPen - ok
13:00:02.0645 0x19c0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:00:02.0672 0x19c0  WANARP - ok
13:00:02.0676 0x19c0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:00:02.0702 0x19c0  Wanarpv6 - ok
13:00:02.0735 0x19c0  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
13:00:02.0777 0x19c0  wbengine - ok
13:00:02.0787 0x19c0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:00:02.0805 0x19c0  WbioSrvc - ok
13:00:02.0815 0x19c0  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:00:02.0836 0x19c0  wcncsvc - ok
13:00:02.0841 0x19c0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:00:02.0852 0x19c0  WcsPlugInService - ok
13:00:02.0856 0x19c0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
13:00:02.0868 0x19c0  Wd - ok
13:00:02.0889 0x19c0  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:00:02.0913 0x19c0  Wdf01000 - ok
13:00:02.0920 0x19c0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:00:02.0935 0x19c0  WdiServiceHost - ok
13:00:02.0940 0x19c0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:00:02.0956 0x19c0  WdiSystemHost - ok
13:00:02.0965 0x19c0  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
13:00:02.0982 0x19c0  WebClient - ok
13:00:02.0990 0x19c0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:00:03.0019 0x19c0  Wecsvc - ok
13:00:03.0025 0x19c0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:00:03.0051 0x19c0  wercplsupport - ok
13:00:03.0056 0x19c0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:00:03.0083 0x19c0  WerSvc - ok
13:00:03.0087 0x19c0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:00:03.0111 0x19c0  WfpLwf - ok
13:00:03.0115 0x19c0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:00:03.0125 0x19c0  WIMMount - ok
13:00:03.0128 0x19c0  WinDefend - ok
13:00:03.0136 0x19c0  WinHttpAutoProxySvc - ok
13:00:03.0147 0x19c0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:00:03.0176 0x19c0  Winmgmt - ok
13:00:03.0214 0x19c0  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:00:03.0279 0x19c0  WinRM - ok
13:00:03.0290 0x19c0  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:00:03.0302 0x19c0  WinUsb - ok
13:00:03.0321 0x19c0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:00:03.0353 0x19c0  Wlansvc - ok
13:00:03.0400 0x19c0  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:00:03.0449 0x19c0  wlidsvc - ok
13:00:03.0457 0x19c0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
13:00:03.0466 0x19c0  WmiAcpi - ok
13:00:03.0476 0x19c0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:00:03.0490 0x19c0  wmiApSrv - ok
13:00:03.0493 0x19c0  WMPNetworkSvc - ok
13:00:03.0499 0x19c0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:00:03.0509 0x19c0  WPCSvc - ok
13:00:03.0514 0x19c0  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:00:03.0527 0x19c0  WPDBusEnum - ok
13:00:03.0531 0x19c0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:00:03.0555 0x19c0  ws2ifsl - ok
13:00:03.0561 0x19c0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
13:00:03.0576 0x19c0  wscsvc - ok
13:00:03.0580 0x19c0  WSearch - ok
13:00:03.0628 0x19c0  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:00:03.0682 0x19c0  wuauserv - ok
13:00:03.0691 0x19c0  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:00:03.0701 0x19c0  WudfPf - ok
13:00:03.0709 0x19c0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:00:03.0722 0x19c0  WUDFRd - ok
13:00:03.0728 0x19c0  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:00:03.0739 0x19c0  wudfsvc - ok
13:00:03.0747 0x19c0  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:00:03.0762 0x19c0  WwanSvc - ok
13:00:03.0780 0x19c0  ================ Scan global ===============================
13:00:03.0783 0x19c0  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:00:03.0790 0x19c0  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
13:00:03.0801 0x19c0  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
13:00:03.0807 0x19c0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:00:03.0817 0x19c0  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
13:00:03.0823 0x19c0  [ Global ] - ok
13:00:03.0823 0x19c0  ================ Scan MBR ==================================
13:00:03.0825 0x19c0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:00:04.0034 0x19c0  \Device\Harddisk0\DR0 - ok
13:00:04.0036 0x19c0  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
13:00:04.0092 0x19c0  \Device\Harddisk1\DR1 - ok
13:00:04.0092 0x19c0  ================ Scan VBR ==================================
13:00:04.0094 0x19c0  [ 13FA4CBBD8674AF552A512C8E4292E90 ] \Device\Harddisk0\DR0\Partition1
13:00:04.0096 0x19c0  \Device\Harddisk0\DR0\Partition1 - ok
13:00:04.0098 0x19c0  [ 3CB0BE21EBCC9C19A09A936DC6C4D18B ] \Device\Harddisk0\DR0\Partition2
13:00:04.0099 0x19c0  \Device\Harddisk0\DR0\Partition2 - ok
13:00:04.0102 0x19c0  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
13:00:04.0102 0x19c0  \Device\Harddisk1\DR1\Partition1 - ok
13:00:04.0105 0x19c0  [ 4AE35993D34EBC3C3218DD7D072B30DB ] \Device\Harddisk1\DR1\Partition2
13:00:04.0161 0x19c0  \Device\Harddisk1\DR1\Partition2 - ok
13:00:04.0162 0x19c0  ================ Scan generic autorun ======================
13:00:04.0405 0x19c0  [ 66EB84DA5F31FDA757336444B8D1E3B2, FECAB747B321AD6ED2336C1FB2E756C39883275ED54A559CF7B6989DEA4DD7EB ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
13:00:04.0644 0x19c0  RTHDVCPL - ok
13:00:04.0664 0x19c0  [ 4420BBAC770EB87AB74E4B9146E18924, 6DB78DB9FD72F1E8C7651D2B3FF090CB4A8C90BA0D11F69D533960CE67170CFC ] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
13:00:04.0676 0x19c0  BLEServicesCtrl - ok
13:00:04.0678 0x19c0  BTMTrayAgent - ok
13:00:04.0703 0x19c0  [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] C:\Program Files\Microsoft Security Client\msseces.exe
13:00:04.0737 0x19c0  MSC - ok
13:00:04.0743 0x19c0  [ 053C93D5967E08748DBA0E132EAEC0B3, B48A00B00DFDFCF6911911B34788CD359BF90AB66F4A2A3FE177B75EB775C2C2 ] C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
13:00:04.0749 0x19c0  NUSB3MON - detected UnsignedFile.Multi.Generic ( 1 )
13:00:07.0413 0x19c0  Detect skipped due to KSN trusted
13:00:07.0413 0x19c0  NUSB3MON - ok
13:00:07.0431 0x19c0  [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
13:00:07.0450 0x19c0  avgnt - ok
13:00:07.0460 0x19c0  [ 9C99AF6C0C4892A83066FFA04265F95C, 18E94B8322960C56A7D0BEDF77D026F0318904ECC230B6121E97E6993B999B4F ] C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
13:00:07.0472 0x19c0  StatusAlerts - ok
13:00:07.0484 0x19c0  [ 1606A7B4DA56B3BA369FC612F45A3362, A50B1FADEA3DB60E8D5F18390FD34D8F95D3F0C2C4F78F3791177FCD9CFB21F0 ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe
13:00:07.0495 0x19c0  FreePDF Assistant - detected UnsignedFile.Multi.Generic ( 1 )
13:00:10.0749 0x19c0  Detect skipped due to KSN trusted
13:00:10.0749 0x19c0  FreePDF Assistant - ok
13:00:10.0756 0x19c0  [ 6EF8ECD06B52726A16CB8CE20338B5D9, 44CA0958E024F5A0AD4AF999AB24221F302D3BB37AC58D406E32C87FC6192CF9 ] C:\Program Files (x86)\PDF24\pdf24.exe
13:00:10.0766 0x19c0  PDFPrint - ok
13:00:10.0771 0x19c0  [ 6A188ECFCA5A2A6F41CA145FC93F96A6, 48D70FAA4C4F6F1F6542E2C54085857CE6906A69C0412E8A08BF69010FDF07CF ] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe
13:00:10.0775 0x19c0  EasyTuneVI - detected UnsignedFile.Multi.Generic ( 1 )
13:00:13.0610 0x19c0  Detect skipped due to KSN trusted
13:00:13.0610 0x19c0  EasyTuneVI - ok
13:00:13.0632 0x19c0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:00:13.0684 0x19c0  Sidebar - ok
13:00:13.0690 0x19c0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:00:13.0706 0x19c0  mctadmin - ok
13:00:13.0730 0x19c0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:00:13.0761 0x19c0  Sidebar - ok
13:00:13.0767 0x19c0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:00:13.0781 0x19c0  mctadmin - ok
13:00:13.0796 0x19c0  [ 93E5D5B31267DB04C61A15D846BB3787, A73D7DA17C8B58E43E2C81B301D0BBD7973CA2EA85BCF513B8947628E05CA4D4 ] C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe
13:00:13.0813 0x19c0  ScreenSplitter - detected UnsignedFile.Multi.Generic ( 1 )
13:00:16.0549 0x19c0  ScreenSplitter ( UnsignedFile.Multi.Generic ) - warning
13:00:16.0549 0x19c0  Force sending object to P2P due to detect: C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe
13:00:19.0566 0x19c0  Object send P2P result: true
13:00:22.0471 0x19c0  [ D5D021AEFA851CD0E8948EA4974EF88C, 596C02AFAB31F44A52E8F3BEEC869557C5DB3CDFB2A559721F25614EFE768D53 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
13:00:22.0489 0x19c0  GarminExpressTrayApp - ok
13:00:22.0501 0x19c0  [ 549A6319EAF040D8B8ECFF8ADF9F36D0, CE020A2C761C7D71BAE183AAF3A251909A06C31E518872A9682A8994F4D475B2 ] C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
13:00:22.0516 0x19c0  AppEx Accelerator UI - ok
13:00:22.0550 0x19c0  [ B91D5F7C0119DC4EE67684F52631D3E4, 4BFD7A433AB65F77426D21A8F3B38AE0BAF5DDDD952FF2EF3E0E64E8F5D0B30D ] C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe
13:00:22.0586 0x19c0  AEM - ok
13:00:22.0604 0x19c0  [ 5AB8DB8F9CADBFBB3C132E8316FE337E, 18111E333A0EDCBD5A645164DB571E35E2319A250CBFA75616049786E27A9D1A ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
13:00:22.0626 0x19c0  GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26 - ok
13:00:22.0639 0x19c0  [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe
13:00:22.0669 0x19c0  Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64 - ok
13:00:22.0670 0x19c0  Waiting for KSN requests completion. In queue: 5
13:00:23.0670 0x19c0  Waiting for KSN requests completion. In queue: 5
13:00:24.0670 0x19c0  Waiting for KSN requests completion. In queue: 5
13:00:25.0708 0x19c0  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x40000 ( disabled : updated )
13:00:25.0709 0x19c0  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
13:00:25.0712 0x19c0  Win FW state via NFP2: enabled
13:00:28.0403 0x19c0  ============================================================
13:00:28.0403 0x19c0  Scan finished
13:00:28.0403 0x19c0  ============================================================
13:00:28.0411 0x0880  Detected object count: 1
13:00:28.0411 0x0880  Actual detected object count: 1
13:00:38.0996 0x0880  ScreenSplitter ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:38.0996 0x0880  ScreenSplitter ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:00:41.0754 0x0c34  Deinitialize success
         
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org

Database version: v2014.10.02.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17280
Sebastian :: SEBASTIAN-PC [limited]

02.10.2014 13:03:21
mbar-log-2014-10-02 (13-03-21).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 315536
Time elapsed: 7 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
__________________

Alt 03.10.2014, 11:45   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Unbekannter Upload - Standard

Unbekannter Upload



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.10.2014, 18:06   #5
krampf
 
Unbekannter Upload - Standard

Unbekannter Upload



Moin,

hatte alles deaktiviert was ich deaktivieren sollte, aber bei microsoft security essentials hat er dennoch gemeckert.

Danke

krampf

Code:
ATTFilter
ComboFix 14-10-04.01 - Sebastian 06.10.2014  17:58:48.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.7368.5307 [GMT 2:00]
ausgeführt von:: c:\users\Sebastian\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
c:\users\SEBAST~1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Sebastian\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-09-06 bis 2014-10-06  ))))))))))))))))))))))))))))))
.
.
2014-10-06 16:02 . 2014-10-06 16:02	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-10-05 20:33 . 2014-09-09 02:05	11578928	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8D3B3207-140C-4C98-ACAC-10F816CA3735}\mpengine.dll
2014-10-03 09:41 . 2014-09-09 02:05	11578928	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-09-22 13:03 . 2014-09-22 13:03	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2014-09-22 13:03 . 2014-09-22 13:03	--------	d-----w-	c:\programdata\Malwarebytes
2014-09-22 13:03 . 2014-05-12 05:26	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-09-22 13:03 . 2014-05-12 05:25	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-09-12 17:40 . 2014-09-12 17:40	--------	d-----w-	c:\programdata\ATI
2014-09-12 17:39 . 2014-09-12 17:39	--------	d-----w-	c:\program files\AMD Quick Stream
2014-09-12 17:39 . 2014-09-12 17:39	--------	d-----w-	c:\program files (x86)\AMD AVT
2014-09-12 17:39 . 2014-09-12 17:39	--------	d-----w-	c:\program files (x86)\Common Files\ATI Technologies
2014-09-12 17:38 . 2014-02-16 16:23	60640	----a-w-	c:\windows\system32\drivers\usbfilter.sys
2014-09-12 17:37 . 2014-09-12 17:38	--------	d-----w-	c:\program files\ATI Technologies
2014-09-12 17:04 . 2014-09-12 17:04	--------	d-----w-	c:\program files\CCleaner
2014-09-10 01:00 . 2014-06-27 02:08	2777088	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2014-09-10 01:00 . 2014-06-27 01:45	2285056	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-09 19:42 . 2014-08-01 11:53	1031168	----a-w-	c:\windows\system32\TSWorkspace.dll
2014-09-09 19:42 . 2014-08-01 11:35	793600	----a-w-	c:\windows\SysWow64\TSWorkspace.dll
2014-09-09 19:41 . 2014-06-24 03:29	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2014-09-09 19:41 . 2014-06-24 02:59	1987584	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2014-09-09 19:40 . 2014-07-07 02:06	728064	----a-w-	c:\windows\system32\kerberos.dll
2014-09-09 19:40 . 2014-07-07 02:06	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-09-09 19:40 . 2014-07-07 01:40	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2014-09-09 19:40 . 2014-07-07 01:40	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2014-09-09 19:40 . 2014-07-07 01:39	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2014-09-09 19:40 . 2014-09-05 02:10	578048	----a-w-	c:\windows\system32\aepdu.dll
2014-09-09 19:40 . 2014-09-05 02:05	424448	----a-w-	c:\windows\system32\aeinv.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-06 16:03 . 2014-02-07 00:23	25640	----a-w-	c:\windows\gdrv.sys
2014-10-06 16:02 . 2014-07-20 14:22	65536	----a-w-	c:\windows\system32\spu_storage.bin
2014-10-06 15:26 . 2014-02-12 19:34	30528	----a-w-	c:\windows\GVTDrv64.sys
2014-10-06 15:26 . 2014-02-12 19:34	25640	----a-w-	c:\windows\etdrv.sys
2014-09-25 17:04 . 2014-06-13 18:04	590536	----a-w-	c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-09-24 14:42 . 2014-04-29 15:58	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-24 14:42 . 2014-04-29 15:58	701104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-22 06:42 . 2010-11-21 03:27	278152	------w-	c:\windows\system32\MpSigStub.exe
2014-09-17 20:44 . 2014-02-27 19:21	1188440	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-09-10 01:00 . 2014-02-07 00:14	101694776	----a-w-	c:\windows\system32\MRT.exe
2014-08-23 02:07 . 2014-08-28 07:24	404480	----a-w-	c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 07:24	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
2014-08-23 00:59 . 2014-08-28 07:24	3163648	----a-w-	c:\windows\system32\win32k.sys
2014-08-12 16:49 . 2014-08-12 16:49	127872	----a-w-	c:\windows\system32\amdhcp64.dll
2014-08-12 16:49 . 2014-08-12 16:49	117560	----a-w-	c:\windows\SysWow64\amdhcp32.dll
2014-08-12 16:49 . 2014-08-12 16:49	78432	----a-w-	c:\windows\system32\atimpc64.dll
2014-08-12 16:49 . 2014-08-12 16:49	78432	----a-w-	c:\windows\system32\amdpcom64.dll
2014-08-12 16:49 . 2014-08-12 16:49	71704	----a-w-	c:\windows\SysWow64\atimpc32.dll
2014-08-12 16:49 . 2014-08-12 16:49	71704	----a-w-	c:\windows\SysWow64\amdpcom32.dll
2014-08-12 16:49 . 2014-08-12 16:49	143304	----a-w-	c:\windows\system32\atiuxp64.dll
2014-08-12 16:49 . 2013-12-06 22:03	126336	----a-w-	c:\windows\SysWow64\atiuxpag.dll
2014-08-12 16:48 . 2014-04-18 02:42	99520	----a-w-	c:\windows\SysWow64\atiu9pag.dll
2014-08-12 16:48 . 2014-02-07 16:31	117584	----a-w-	c:\windows\system32\atiu9p64.dll
2014-08-12 16:48 . 2014-02-07 16:31	1331424	----a-w-	c:\windows\system32\aticfx64.dll
2014-08-12 16:48 . 2014-02-07 16:31	1110992	----a-w-	c:\windows\SysWow64\aticfx32.dll
2014-08-12 16:47 . 2014-08-12 16:47	10527312	----a-w-	c:\windows\system32\atidxx64.dll
2014-08-12 16:47 . 2013-12-06 21:59	9023464	----a-w-	c:\windows\SysWow64\atidxx32.dll
2014-08-12 16:47 . 2014-04-18 02:42	7102496	----a-w-	c:\windows\SysWow64\atiumdva.dll
2014-08-12 16:47 . 2014-04-18 02:42	6879016	----a-w-	c:\windows\SysWow64\atiumdag.dll
2014-08-12 16:47 . 2014-02-07 16:31	7892000	----a-w-	c:\windows\system32\atiumd6a.dll
2014-08-12 16:47 . 2014-02-07 16:31	8108312	----a-w-	c:\windows\system32\atiumd64.dll
2014-08-12 15:56 . 2014-08-12 15:56	276192	----a-w-	c:\windows\system32\drivers\amdacpksd.sys
2014-08-12 15:20 . 2014-08-12 15:20	15965184	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2014-08-12 15:07 . 2014-08-12 15:07	231424	----a-w-	c:\windows\system32\clinfo.exe
2014-08-12 15:06 . 2014-08-12 15:06	98816	----a-w-	c:\windows\system32\OpenVideo64.dll
2014-08-12 15:06 . 2014-08-12 15:06	83456	----a-w-	c:\windows\SysWow64\OpenVideo.dll
2014-08-12 15:06 . 2014-08-12 15:06	86528	----a-w-	c:\windows\system32\OVDecode64.dll
2014-08-12 15:06 . 2014-08-12 15:06	73216	----a-w-	c:\windows\SysWow64\OVDecode.dll
2014-08-12 15:06 . 2014-08-12 15:06	32876544	----a-w-	c:\windows\system32\amdocl64.dll
2014-08-12 15:03 . 2014-08-12 15:03	27843072	----a-w-	c:\windows\SysWow64\amdocl.dll
2014-08-12 15:00 . 2014-08-12 15:00	65024	----a-w-	c:\windows\system32\OpenCL.dll
2014-08-12 15:00 . 2014-08-12 15:00	58880	----a-w-	c:\windows\SysWow64\OpenCL.dll
2014-08-12 14:49 . 2014-08-12 14:49	127488	----a-w-	c:\windows\system32\mantle64.dll
2014-08-12 14:49 . 2014-08-12 14:49	113664	----a-w-	c:\windows\SysWow64\mantle32.dll
2014-08-12 14:48 . 2014-08-12 14:48	5225472	----a-w-	c:\windows\system32\amdmantle64.dll
2014-08-12 14:41 . 2014-08-12 14:41	27528704	----a-w-	c:\windows\system32\atio6axx.dll
2014-08-12 14:32 . 2014-08-12 14:32	4180992	----a-w-	c:\windows\SysWow64\amdmantle32.dll
2014-08-12 14:21 . 2014-08-12 14:21	23027712	----a-w-	c:\windows\SysWow64\atioglxx.dll
2014-08-12 14:16 . 2014-08-12 14:16	91648	----a-w-	c:\windows\system32\mantleaxl64.dll
2014-08-12 14:16 . 2014-08-12 14:16	366592	----a-w-	c:\windows\system32\atiapfxx.exe
2014-08-12 14:16 . 2014-08-12 14:16	85504	----a-w-	c:\windows\SysWow64\mantleaxl32.dll
2014-08-12 14:16 . 2014-08-12 14:16	62464	----a-w-	c:\windows\system32\aticalrt64.dll
2014-08-12 14:16 . 2014-08-12 14:16	52224	----a-w-	c:\windows\SysWow64\aticalrt.dll
2014-08-12 14:16 . 2014-08-12 14:16	55808	----a-w-	c:\windows\system32\aticalcl64.dll
2014-08-12 14:16 . 2014-08-12 14:16	49152	----a-w-	c:\windows\SysWow64\aticalcl.dll
2014-08-12 14:16 . 2014-08-12 14:16	15716352	----a-w-	c:\windows\system32\aticaldd64.dll
2014-08-12 14:13 . 2014-08-12 14:13	14302208	----a-w-	c:\windows\SysWow64\aticaldd.dll
2014-08-12 14:00 . 2014-08-12 14:00	48128	----a-w-	c:\windows\system32\amdmmcl6.dll
2014-08-12 14:00 . 2014-08-12 14:00	442368	----a-w-	c:\windows\system32\atidemgy.dll
2014-08-12 14:00 . 2014-08-12 14:00	37888	----a-w-	c:\windows\SysWow64\amdmmcl.dll
2014-08-12 13:59 . 2014-08-12 13:59	31232	----a-w-	c:\windows\system32\atimuixx.dll
2014-08-12 13:59 . 2014-08-12 13:59	588800	----a-w-	c:\windows\system32\atieclxx.exe
2014-08-12 13:59 . 2014-08-12 13:59	239616	----a-w-	c:\windows\system32\atiesrxx.exe
2014-08-12 13:58 . 2014-08-12 13:58	190976	----a-w-	c:\windows\system32\atitmm64.dll
2014-08-12 13:43 . 2014-08-12 13:43	826368	----a-w-	c:\windows\system32\coinst_14.20.dll
2014-08-12 13:35 . 2014-08-12 13:35	95744	----a-w-	c:\windows\system32\amdave64.dll
2014-08-12 13:35 . 2014-08-12 13:35	90112	----a-w-	c:\windows\SysWow64\amdave32.dll
2014-08-12 13:34 . 2014-08-12 13:34	89088	----a-w-	c:\windows\system32\atisamu64.dll
2014-08-12 13:34 . 2014-08-12 13:34	80896	----a-w-	c:\windows\SysWow64\atisamu32.dll
2014-08-12 13:34 . 2014-08-12 13:34	1207296	----a-w-	c:\windows\system32\atiadlxx.dll
2014-08-12 13:34 . 2013-12-06 20:22	898560	----a-w-	c:\windows\SysWow64\atiadlxy.dll
2014-08-12 13:34 . 2014-08-12 13:34	75264	----a-w-	c:\windows\system32\atig6pxx.dll
2014-08-12 13:34 . 2014-08-12 13:34	69632	----a-w-	c:\windows\SysWow64\atiglpxx.dll
2014-08-12 13:34 . 2014-08-12 13:34	69632	----a-w-	c:\windows\system32\atiglpxx.dll
2014-08-12 13:34 . 2014-08-12 13:34	146944	----a-w-	c:\windows\system32\atig6txx.dll
2014-08-12 13:33 . 2014-08-12 13:33	133632	----a-w-	c:\windows\SysWow64\atigktxx.dll
2014-08-12 13:33 . 2014-08-12 13:33	557568	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2014-08-12 13:28 . 2014-08-12 13:28	43520	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2014-08-12 09:17 . 2014-08-12 09:17	51200	----a-w-	c:\windows\system32\kdbsdk64.dll
2014-08-12 09:12 . 2014-08-12 09:12	38912	----a-w-	c:\windows\SysWow64\kdbsdk32.dll
2014-07-30 20:45 . 2014-07-30 20:45	262096	----a-w-	c:\windows\system32\gcp_portmon64.dll
2014-07-25 10:55 . 2014-05-15 10:50	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-25 00:35 . 2014-07-25 00:35	875688	----a-w-	c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47	869544	----a-w-	c:\windows\system32\msvcr120_clr0400.dll
2014-07-17 16:05 . 2014-07-17 16:05	269008	----a-w-	c:\windows\system32\drivers\MpFilter.sys
2014-07-17 16:05 . 2013-09-27 08:53	125584	----a-w-	c:\windows\system32\drivers\NisDrvWFP.sys
2014-07-14 02:02 . 2014-08-14 01:27	1216000	----a-w-	c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-08-14 01:27	664064	----a-w-	c:\windows\SysWow64\rpcrt4.dll
2014-07-09 02:03 . 2014-08-14 01:27	7168	----a-w-	c:\windows\system32\KBDYAK.DLL
2014-07-09 02:03 . 2014-08-14 01:27	7168	----a-w-	c:\windows\system32\KBDTAT.DLL
2014-07-09 02:03 . 2014-08-14 01:27	7168	----a-w-	c:\windows\system32\KBDRU1.DLL
2014-07-09 02:03 . 2014-08-14 01:27	6656	----a-w-	c:\windows\system32\KBDRU.DLL
2014-07-09 02:03 . 2014-08-14 01:27	7168	----a-w-	c:\windows\system32\KBDBASH.DLL
2014-07-09 01:31 . 2014-08-14 01:27	7168	----a-w-	c:\windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31 . 2014-08-14 01:27	6656	----a-w-	c:\windows\SysWow64\KBDBASH.DLL
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-07-03 19:38	223432	----a-w-	c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-07-03 19:38	223432	----a-w-	c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-07-03 19:38	223432	----a-w-	c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ScreenSplitter"="c:\program files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe" [2013-07-24 695296]
"GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2014-08-07 688984]
"AppEx Accelerator UI"="c:\program files\AMD Quick Stream\AMDQuickStream.exe" [2014-03-31 482528]
"AEM"="c:\program files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe" [2014-07-16 1721128]
"GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-09-23 852808]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-08-05 751184]
"StatusAlerts"="c:\program files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" [2012-07-18 313248]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2014-01-09 374784]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2014-06-04 191528]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-08-12 767200]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-08-27 164656]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2014-08-07 688984]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
R2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x]
R3 cpuz136;cpuz136;c:\users\SEBAST~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys;c:\users\SEBAST~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;c:\windows\system32\DRIVERS\evolve.sys;c:\windows\SYSNATIVE\DRIVERS\evolve.sys [x]
R3 getbus;getbus;c:\users\SEBAST~1\AppData\Local\Temp\getbus.sys;c:\users\SEBAST~1\AppData\Local\Temp\getbus.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 HP DS Service;HP DS Service;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 PDF Architect 2;PDF Architect 2;c:\program files (x86)\PDF Architect 2\ws.exe;c:\program files (x86)\PDF Architect 2\ws.exe [x]
R3 pdfforge CrashHandler;pdfforge CrashHandler;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 AEM Service5;AEM Service5;c:\program files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe ;c:\program files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe  [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys;c:\program files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 APXACC;AppEx Networks Accelerator LWF;c:\windows\system32\DRIVERS\appexDrv.sys;c:\windows\SYSNATIVE\DRIVERS\appexDrv.sys [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
S2 PDF Architect 2 Creator;PDF Architect 2 Creator;c:\program files (x86)\PDF Architect 2\creator-ws.exe;c:\program files (x86)\PDF Architect 2\creator-ws.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys;c:\windows\SYSNATIVE\DRIVERS\amdhub30.sys [x]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys;c:\windows\SYSNATIVE\DRIVERS\amdxhc.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 ibtusb;Intel(R) Wireless Bluetooth(R) 4.0 + HS-Adapter;c:\windows\system32\DRIVERS\ibtusb.sys;c:\windows\SYSNATIVE\DRIVERS\ibtusb.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-25 17:15	1096520	----a-w-	c:\program files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-10-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29 14:42]
.
2014-10-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-07 05:42]
.
2014-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-07 05:42]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-07-03 19:38	262344	----a-w-	c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-07-03 19:38	262344	----a-w-	c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-07-03 19:38	262344	----a-w-	c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-09-25 17:05	2334416	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-09-25 17:05	2334416	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-09-25 17:05	2334416	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-09-03 13651672]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-09-17 184112]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2013-05-21 7830328]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288]
"NUSB3MON"="c:\program files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe" [2012-04-11 97280]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mDefault_Search_URL = www.google.com
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = www.google.com
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
LSP: %windir%\system32\vsocklib.dll
TCP: DhcpNameServer = 192.168.0.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3995683688-22251476-601076843-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3995683688-22251476-601076843-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Player\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\TeamViewer\Version9\TeamViewer.exe
c:\program files (x86)\TeamViewer\Version9\tv_w32.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-10-06  18:04:33 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-10-06 16:04
.
Vor Suchlauf: 15 Verzeichnis(se), 34.056.536.064 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 34.496.430.080 Bytes frei
.
- - End Of File - - A62F44EF9DB50996AF35D0B53D6C66F1
A36C5E4F47E84449FF07ED3517B43A31
         


Alt 07.10.2014, 14:38   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Unbekannter Upload - Standard

Unbekannter Upload



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
--> Unbekannter Upload

Alt 13.10.2014, 14:08   #7
krampf
 
Unbekannter Upload - Standard

Unbekannter Upload



Hallo,

hier die gewünschten Logs:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 13.10.2014
Scan Time: 13:38:34
Logfile: MBMA.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.10.13.02
Rootkit Database: v2014.10.11.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Sebastian

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 326347
Time Elapsed: 7 min, 54 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
         
Code:
ATTFilter
# AdwCleaner v4.000 - Bericht erstellt am 13/10/2014 um 13:58:41
# DB v2014-10-12.3
# Aktualisiert 12/10/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Sebastian - SEBASTIAN-PC
# Gestartet von : C:\Users\Sebastian\Downloads\AdwCleaner_4.000.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Sebastian\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\ProgramData\Tarma Installer

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Google Chrome v37.0.2062.124

Gelöscht [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=FF&o=14594&locale=en_US&apn_uid=526931a6-e79f-40c6-8cb9-159bb43add78&apn_ptnrs=FV&apn_sauid=6A0DA348-3FCD-45FC-BA95-AE1F009416FC&apn_dtid=YYYYYYYYDE&q={searchTerms}

*************************

AdwCleaner[R0].txt - [1081 octets] - [13/10/2014 13:57:02]
AdwCleaner[S0].txt - [1199 octets] - [13/10/2014 13:58:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1259 octets] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.2 (10.09.2014:1)
OS: Windows 7 Professional x64
Ran by Sebastian on 13.10.2014 at 14:02:08,76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\CloudBerry Explorer for Amazon S3
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.10.2014 at 14:04:26,94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014 02
Ran by Sebastian (administrator) on SEBASTIAN-PC on 13-10-2014 14:06:14
Running from C:\Users\Sebastian\Downloads
Loaded Profile: Sebastian (Available profiles: Sebastian)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(Namtuk.com) C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe
(LG Electronics) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(TODO: <Company name>) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64App.exe
(Namtuk.com) C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\LG Electronics\Screen Split\bin\DDCCI.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\ProgramData\Avira\My Avira\Temp\avira_de.exe
(Avira Operations GmbH & Co. KG) C:\ProgramData\Avira\My Avira\Temp\avira_de.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [374784 2014-01-09] (shbox.de)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-04] (Geek Software GmbH)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-08-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [{9bd9b85e-7792-483b-a318-cc51ff0877ed}] => C:\ProgramData\Package Cache\{9bd9b85e-7792-483b-a318-cc51ff0877ed}\Avira.OE.Setup.Bundle.exe [757168 2014-10-13] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [ScreenSplitter] => C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe [695296 2013-07-24] (LG Electronics)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AEM] => C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe [1721128 2014-07-16] (Namtuk.com)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-23] (Google Inc.)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCC7BE164C723CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/", "", "hxxp://www.google.com", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1403882782&from=kmp&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF133361R"
CHR DefaultSearchKeyword: Default -> google.de__
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-06-29]
CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-29]
CHR Extension: (Google-Suche) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-29]
CHR Extension: (AdBlock) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-29]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2014-06-29]
CHR Extension: (Google Wallet) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-07]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2014-06-29]
CHR Extension: (Google Mail) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-29]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AEM Service5; C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe [334848 2014-07-16] (Namtuk.com) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-08-12] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed]
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738344 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.2.0; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-03-18] (Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1385272 2013-08-08] (Motorola Solutions, Inc.)
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-04-29] (Echobit, LLC)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-06] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-02-12] (REALiX(tm))
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [114632 2013-08-28] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw02.sys [3599840 2013-10-14] (Intel Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Users\SEBAST~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 getbus; \??\C:\Users\SEBAST~1\AppData\Local\Temp\getbus.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-13 14:06 - 2014-10-13 14:06 - 00000000 ____D () C:\Users\Sebastian\Downloads\FRST-OlderVersion
2014-10-13 14:04 - 2014-10-13 14:04 - 00000780 _____ () C:\Users\Sebastian\Desktop\JRT.txt
2014-10-13 14:02 - 2014-10-13 14:02 - 00000000 ____D () C:\Windows\ERUNT
2014-10-13 14:01 - 2014-10-13 14:01 - 01705755 _____ (Thisisu) C:\Users\Sebastian\Downloads\JRT.exe
2014-10-13 13:56 - 2014-10-13 13:58 - 00000000 ____D () C:\AdwCleaner
2014-10-13 13:48 - 2014-10-13 13:48 - 01976320 _____ () C:\Users\Sebastian\Downloads\AdwCleaner_4.000.exe
2014-10-12 23:26 - 2014-10-12 23:26 - 00002775 _____ () C:\Users\Sebastian\Downloads\mailFilters.xml
2014-10-11 10:43 - 2014-10-11 11:14 - 00000000 ____D () C:\Users\Sebastian\Desktop\Neuer Ordner
2014-10-11 10:43 - 2014-10-11 10:43 - 01253033 _____ () C:\Users\Sebastian\Downloads\sb-v8-autoupdater.7z
2014-10-08 20:28 - 2014-10-08 20:30 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-10-06 18:04 - 2014-10-06 18:04 - 00029146 _____ () C:\ComboFix.txt
2014-10-06 17:58 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-10-06 17:58 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-10-06 17:58 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-10-06 17:54 - 2014-10-06 18:04 - 00000000 ____D () C:\Windows\erdnt
2014-10-06 17:54 - 2014-10-06 18:04 - 00000000 ____D () C:\Qoobox
2014-10-06 17:27 - 2014-10-06 17:28 - 05582481 ____R (Swearware) C:\Users\Sebastian\Downloads\ComboFix.exe
2014-10-02 13:02 - 2014-10-02 13:24 - 00000000 ____D () C:\Users\Sebastian\Desktop\mbar
2014-10-02 13:02 - 2014-10-02 13:24 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-10-02 13:00 - 2014-10-02 13:01 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Sebastian\Downloads\mbar-1.07.0.1012.exe
2014-10-02 12:58 - 2014-10-02 12:58 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Sebastian\Downloads\tdsskiller.exe
2014-10-02 12:16 - 2014-10-02 12:16 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition (2).txt
2014-10-02 12:15 - 2014-10-02 12:15 - 00046819 _____ () C:\Users\Sebastian\Downloads\FRST (2).txt
2014-10-02 11:43 - 2014-10-02 11:43 - 00046819 _____ () C:\Users\Sebastian\Downloads\FRST (1).txt
2014-10-02 11:43 - 2014-10-02 11:43 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition (1).txt
2014-10-02 11:37 - 2014-10-02 11:37 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition.txt
2014-10-02 11:36 - 2014-10-13 14:06 - 00021384 _____ () C:\Users\Sebastian\Downloads\FRST.txt
2014-10-02 11:36 - 2014-10-13 14:06 - 00000000 ____D () C:\FRST
2014-10-02 11:35 - 2014-10-13 14:06 - 02110464 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe
2014-09-30 19:25 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 19:25 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-28 13:58 - 2014-09-28 13:59 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\TrafficMonitor
2014-09-28 13:58 - 2014-09-28 13:58 - 00000000 ____D () C:\ProgramData\TrafficMonitor
2014-09-28 13:57 - 2014-09-28 13:57 - 03469477 _____ () C:\Users\Sebastian\Downloads\trafficmsw.zip
2014-09-27 22:04 - 2014-09-27 22:04 - 00540302 _____ () C:\Users\Sebastian\Downloads\SeaGiant.zip
2014-09-24 17:09 - 2014-09-24 17:10 - 00000000 ____D () C:\Users\Sebastian\Desktop\SmartCC
2014-09-24 17:09 - 2014-09-24 17:09 - 01027788 _____ () C:\Users\Sebastian\Downloads\sb-v3.7z
2014-09-24 08:44 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 08:44 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 21:18 - 2014-09-23 21:22 - 18656495 _____ () C:\Users\Sebastian\Downloads\nightly (1).zip
2014-09-23 20:17 - 2014-09-23 20:17 - 00000000 ____D () C:\Users\Sebastian\Downloads\Postversand
2014-09-23 20:16 - 2014-09-23 20:16 - 01644283 _____ () C:\Users\Sebastian\Downloads\Postversand.zip
2014-09-23 20:03 - 2014-09-23 20:40 - 00036864 _____ () C:\Users\Sebastian\Downloads\Airline Mailing Address.xls
2014-09-22 20:41 - 2014-09-22 20:41 - 02324917 _____ () C:\Users\Sebastian\Downloads\crashcrawlerv8.zip
2014-09-22 18:47 - 2014-10-06 18:00 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-22 18:47 - 2014-09-22 18:47 - 00000000 ____D () C:\ProgramData\Licenses
2014-09-22 18:44 - 2014-09-22 18:44 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-09-22 18:43 - 2014-09-22 18:43 - 21407864 _____ (Simply Super Software ) C:\Users\Sebastian\Downloads\trjsetup690.exe
2014-09-22 15:04 - 2014-10-13 13:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-22 15:04 - 2014-09-22 15:04 - 00004698 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-22 15:04 - 2014-09-22 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-22 15:03 - 2014-10-08 20:30 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-22 15:03 - 2014-10-08 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-22 15:03 - 2014-10-08 20:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-22 15:03 - 2014-09-22 15:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-22 15:03 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-22 15:03 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-22 15:03 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-22 14:58 - 2014-09-22 14:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-22 14:02 - 2014-09-29 16:05 - 00000000 ____D () C:\Users\Sebastian\Desktop\HC 30
2014-09-22 14:02 - 2014-09-22 14:02 - 18656495 _____ () C:\Users\Sebastian\Downloads\nightly.zip
2014-09-20 12:32 - 2014-09-20 12:32 - 02320830 _____ () C:\Users\Sebastian\Downloads\CrashCrawlerV6.zip
2014-09-18 22:37 - 2014-09-18 22:37 - 00093734 _____ () C:\Users\Sebastian\Downloads\Compensation claim 1.jpeg
2014-09-18 22:37 - 2014-09-18 22:37 - 00082970 _____ () C:\Users\Sebastian\Downloads\Compensation claim 1 1.jpeg
2014-09-18 22:37 - 2014-09-18 22:37 - 00074757 _____ () C:\Users\Sebastian\Downloads\Compensation claim .jpeg
2014-09-18 22:29 - 2014-09-18 22:29 - 00082829 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris  2.jpeg
2014-09-18 22:29 - 2014-09-18 22:29 - 00075826 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris .jpeg
2014-09-18 22:28 - 2014-09-18 22:28 - 00096815 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris  1.jpeg
2014-09-18 01:04 - 2014-09-18 01:04 - 00002613 _____ () C:\Users\Sebastian\Downloads\BR.ALT-Robin.Schulz.and.Alligatoah-Willst.Du-WEB-DE-2014-VOiCE.torrent
2014-09-14 23:19 - 2014-09-14 23:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-09-14 23:18 - 2014-09-14 23:19 - 06057862 _____ (Tim Kosse) C:\Users\Sebastian\Downloads\FileZilla_3.9.0.5_win32-setup.exe
2014-09-13 21:16 - 2014-09-13 21:16 - 00763575 _____ () C:\Users\Sebastian\Downloads\ArenaValue.1.0.5.0.zip
2014-09-13 13:50 - 2014-10-13 13:59 - 00014580 _____ () C:\Windows\PFRO.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-13 14:06 - 2014-08-05 19:12 - 00001147 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-10-13 14:06 - 2014-02-07 07:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-13 14:06 - 2014-02-07 07:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-13 14:06 - 2014-02-07 07:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-13 14:06 - 2014-02-07 07:26 - 01364265 _____ () C:\Windows\WindowsUpdate.log
2014-10-13 14:05 - 2011-04-12 09:43 - 00701996 _____ () C:\Windows\system32\perfh007.dat
2014-10-13 14:05 - 2011-04-12 09:43 - 00150662 _____ () C:\Windows\system32\perfc007.dat
2014-10-13 14:05 - 2009-07-14 07:13 - 01628294 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-13 14:00 - 2014-02-22 13:05 - 00000000 ____D () C:\ProgramData\VMware
2014-10-13 13:59 - 2014-09-12 19:28 - 00004316 _____ () C:\Windows\setupact.log
2014-10-13 13:59 - 2014-07-20 16:22 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-10-13 13:59 - 2014-02-07 07:42 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-13 13:59 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-13 13:42 - 2014-04-29 17:58 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-13 13:36 - 2014-02-07 01:37 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Battle.net
2014-10-13 13:14 - 2014-02-07 07:42 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-12 11:42 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-12 11:42 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-12 11:35 - 2014-07-30 22:45 - 00006300 _____ () C:\Windows\system32\debug.log
2014-10-12 00:54 - 2014-02-11 21:43 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Skype
2014-10-12 00:38 - 2014-02-07 18:22 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\netz
2014-10-08 19:21 - 2014-02-07 18:56 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-07 18:18 - 2014-03-05 23:29 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\HpUpdate
2014-10-06 18:04 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-10-06 18:03 - 2014-02-07 02:23 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-10-06 18:03 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-10-06 17:26 - 2014-02-12 21:34 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2014-10-06 17:26 - 2014-02-12 21:34 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys
2014-10-02 01:41 - 2014-03-19 23:02 - 00000000 ____D () C:\Users\Sebastian\Desktop\Rechnungen refund.me
2014-09-30 01:55 - 2014-02-08 11:14 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\uTorrent
2014-09-28 01:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-25 19:17 - 2014-09-12 19:47 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-25 19:06 - 2014-06-13 19:59 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-24 16:42 - 2014-04-29 17:58 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 16:42 - 2014-04-29 17:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 16:42 - 2014-04-29 17:58 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 09:56 - 2014-02-07 19:00 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-09-23 02:59 - 2014-05-16 00:29 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-09-23 02:59 - 2014-02-22 02:30 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-09-22 18:20 - 2014-08-30 12:43 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest (1)
2014-09-22 18:20 - 2014-08-08 16:25 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest
2014-09-22 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2014-09-22 15:05 - 2014-05-15 12:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-22 15:04 - 2014-05-15 12:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-22 13:56 - 2014-02-18 21:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-22 08:42 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-21 18:36 - 2014-02-08 13:34 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\vlc
2014-09-20 12:38 - 2014-09-07 13:22 - 00000000 ____D () C:\Users\Sebastian\Desktop\HC
2014-09-16 21:25 - 2014-08-30 01:06 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\FileZilla
2014-09-16 02:03 - 2014-06-14 19:30 - 00001112 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-16 02:03 - 2014-06-14 19:30 - 00001100 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-09-14 23:19 - 2014-08-30 01:05 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client

Some content of TEMP:
====================
C:\Users\Sebastian\AppData\Local\Temp\avgnt.exe
C:\Users\Sebastian\AppData\Local\Temp\Quarantine.exe
C:\Users\Sebastian\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-06 17:48

==================== End Of Log ============================
         
--- --- ---

Alt 14.10.2014, 09:39   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Unbekannter Upload - Standard

Unbekannter Upload




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 16.10.2014, 00:41   #9
krampf
 
Unbekannter Upload - Standard

Unbekannter Upload



Hi,

Problem besteht leider weiterhin, Eset hat wohl auch einige Dinge gefunden.

Grüße

krampf

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=db73c508ef80b64ba32d7060bb7ab9c6
# engine=20613
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-10-15 05:24:57
# local_time=2014-10-15 07:24:57 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 7945 26041922 0 0
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 2247721 36374291 0 0
# scanned=199188
# found=9
# cleaned=0
# scan_time=5013
sh=3B2C6F08E067B4013B78F0016E63214ADA4139F3 ft=1 fh=7486909139e87987 vn="Variante von Win32/Packed.NoobyProtect.G evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-3995683688-22251476-601076843-1000\$RKKCKZE\SmartBotClient.exe"
sh=5B8C35A31F88C2C119610C67CBBFE60D690FD109 ft=1 fh=a6936b7a5812caae vn="Variante von Win32/Packed.NoobyProtect.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sebastian\Desktop\Neuer Ordner\DebugTool.exe"
sh=3F7117C4D7A1361BF7A8B9650C21CE6BF78AF0D5 ft=1 fh=cb4cec47b87b5c02 vn="Variante von Win32/Packed.NoobyProtect.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sebastian\Desktop\Neuer Ordner\ProfileCompiler.exe"
sh=6350DDA743CCE658B1377581C8E8734ED9A94A81 ft=1 fh=c4063b8e35df0a7a vn="Variante von Win32/Packed.NoobyProtect.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sebastian\Desktop\Neuer Ordner\SmartBotGUI.exe"
sh=2E79D609E04AE283CE9812B256A68D20A7F118FC ft=1 fh=271a9a06c5353ac6 vn="Variante von Win32/Packed.NoobyProtect.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sebastian\Desktop\Neuer Ordner\SmartBotUpdater.exe"
sh=446E344A4F539271FDC5389612B52FD10DC1D1DA ft=1 fh=7384d50452ea868f vn="Variante von Win32/InstallCore.QH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sebastian\Downloads\FileZilla_3.2.7.1_win32-setup.exe"
sh=7C2BE43355F8BC5B8EE5630EEB64687D30C56A45 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.NoobyProtect.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sebastian\Downloads\sb-v3.7z"
sh=32D402D4DCA7FDB3D4EA98CD1853313D7DD7A3D0 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.NoobyProtect.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sebastian\Downloads\sb-v8-autoupdater.7z"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von Win32/Packed.NoobyProtect.G evtl. unerwünschte Anwendung" ac=I fn="${Memory}"
         
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.87  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop                   
Microsoft Security Essentials   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 TuneUp Utilities 2014   
 TuneUp Utilities 2014 (de-DE)  
 TuneUp Utilities 2014   
 Java 7 Update 67  
 Adobe Flash Player 15.0.0.152  
 Adobe Reader XI  
 Google Chrome 37.0.2062.124  
 Google Chrome 38.0.2125.104  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-10-2014 02
Ran by Sebastian (administrator) on SEBASTIAN-PC on 16-10-2014 00:38:41
Running from C:\Users\Sebastian\Downloads
Loaded Profile: Sebastian (Available profiles: Sebastian)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Namtuk.com) C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(LG Electronics) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Namtuk.com) C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe
(TODO: <Company name>) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64App.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\LG Electronics\Screen Split\bin\DDCCI.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [374784 2014-01-09] (shbox.de)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-04] (Geek Software GmbH)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-08-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [ScreenSplitter] => C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe [695296 2013-07-24] (LG Electronics)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AEM] => C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe [1721128 2014-07-16] (Namtuk.com)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-10] (Google Inc.)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCC7BE164C723CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/", "", "hxxp://www.google.com", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1403882782&from=kmp&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF133361R"
CHR DefaultSearchKeyword: Default -> google.de__
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-06-29]
CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-29]
CHR Extension: (Google-Suche) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-29]
CHR Extension: (AdBlock) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-29]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2014-06-29]
CHR Extension: (Google Wallet) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-07]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2014-06-29]
CHR Extension: (Google Mail) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-29]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AEM Service5; C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe [334848 2014-07-16] (Namtuk.com) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-08-12] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed]
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-07-31] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738344 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-07-31] (Hewlett-Packard) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.2.0; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-03-18] (Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1385272 2013-08-08] (Motorola Solutions, Inc.)
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-04-29] (Echobit, LLC)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-06] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-02-12] (REALiX(tm))
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [114632 2013-08-28] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw02.sys [3599840 2013-10-14] (Intel Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Users\SEBAST~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 getbus; \??\C:\Users\SEBAST~1\AppData\Local\Temp\getbus.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-15 19:44 - 2014-10-15 19:44 - 00854417 _____ () C:\Users\Sebastian\Downloads\SecurityCheck.exe
2014-10-15 17:57 - 2014-10-15 17:57 - 02347384 _____ (ESET) C:\Users\Sebastian\Downloads\esetsmartinstaller_deu.exe
2014-10-15 17:57 - 2014-10-15 17:57 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-10-14 09:42 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-14 09:42 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-10-14 09:42 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-14 09:42 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-13 20:28 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-10-13 20:28 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-10-13 20:28 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-10-13 20:28 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-10-13 20:28 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-10-13 20:28 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-13 20:28 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-10-13 20:28 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-10-13 20:28 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-10-13 20:28 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-10-13 20:28 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-10-13 20:28 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-10-13 20:28 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-13 20:28 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-13 20:28 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-10-13 20:28 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-13 20:28 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-10-13 20:28 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-10-13 20:28 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-10-13 20:28 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-10-13 20:28 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-10-13 20:27 - 2012-09-28 02:11 - 00407552 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpcpn140.dll
2014-10-13 20:27 - 2012-09-28 02:05 - 00408576 _____ () C:\Windows\SysWOW64\hpcc3140.DLL
2014-10-13 20:26 - 2012-08-30 19:52 - 00512512 _____ (HP) C:\Windows\SysWOW64\hpcdmc32.DLL
2014-10-13 14:08 - 2014-10-13 14:08 - 00000000 ____D () C:\ProgramData\CloudBerry Explorer for Amazon S3
2014-10-13 14:06 - 2014-10-16 00:38 - 00000000 ____D () C:\Users\Sebastian\Downloads\FRST-OlderVersion
2014-10-13 14:04 - 2014-10-13 14:04 - 00000780 _____ () C:\Users\Sebastian\Desktop\JRT.txt
2014-10-13 14:02 - 2014-10-13 14:02 - 00000000 ____D () C:\Windows\ERUNT
2014-10-13 14:01 - 2014-10-13 14:01 - 01705755 _____ (Thisisu) C:\Users\Sebastian\Downloads\JRT.exe
2014-10-13 13:56 - 2014-10-13 13:58 - 00000000 ____D () C:\AdwCleaner
2014-10-13 13:48 - 2014-10-13 13:48 - 01976320 _____ () C:\Users\Sebastian\Downloads\AdwCleaner_4.000.exe
2014-10-12 23:26 - 2014-10-12 23:26 - 00002775 _____ () C:\Users\Sebastian\Downloads\mailFilters.xml
2014-10-11 10:43 - 2014-10-14 01:03 - 00000000 ____D () C:\Users\Sebastian\Desktop\Neuer Ordner
2014-10-11 10:43 - 2014-10-11 10:43 - 01253033 _____ () C:\Users\Sebastian\Downloads\sb-v8-autoupdater.7z
2014-10-08 20:28 - 2014-10-08 20:30 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-10-06 18:04 - 2014-10-06 18:04 - 00029146 _____ () C:\ComboFix.txt
2014-10-06 17:58 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-10-06 17:58 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-10-06 17:58 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-10-06 17:54 - 2014-10-06 18:04 - 00000000 ____D () C:\Windows\erdnt
2014-10-06 17:54 - 2014-10-06 18:04 - 00000000 ____D () C:\Qoobox
2014-10-06 17:27 - 2014-10-06 17:28 - 05582481 ____R (Swearware) C:\Users\Sebastian\Downloads\ComboFix.exe
2014-10-02 13:02 - 2014-10-02 13:24 - 00000000 ____D () C:\Users\Sebastian\Desktop\mbar
2014-10-02 13:02 - 2014-10-02 13:24 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-10-02 13:00 - 2014-10-02 13:01 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Sebastian\Downloads\mbar-1.07.0.1012.exe
2014-10-02 12:58 - 2014-10-02 12:58 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Sebastian\Downloads\tdsskiller.exe
2014-10-02 12:16 - 2014-10-02 12:16 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition (2).txt
2014-10-02 12:15 - 2014-10-02 12:15 - 00046819 _____ () C:\Users\Sebastian\Downloads\FRST (2).txt
2014-10-02 11:43 - 2014-10-02 11:43 - 00046819 _____ () C:\Users\Sebastian\Downloads\FRST (1).txt
2014-10-02 11:43 - 2014-10-02 11:43 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition (1).txt
2014-10-02 11:37 - 2014-10-02 11:37 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition.txt
2014-10-02 11:36 - 2014-10-16 00:38 - 00021033 _____ () C:\Users\Sebastian\Downloads\FRST.txt
2014-10-02 11:36 - 2014-10-16 00:38 - 00000000 ____D () C:\FRST
2014-10-02 11:35 - 2014-10-16 00:38 - 02111488 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe
2014-09-30 19:25 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 19:25 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-28 13:58 - 2014-09-28 13:59 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\TrafficMonitor
2014-09-28 13:58 - 2014-09-28 13:58 - 00000000 ____D () C:\ProgramData\TrafficMonitor
2014-09-28 13:57 - 2014-09-28 13:57 - 03469477 _____ () C:\Users\Sebastian\Downloads\trafficmsw.zip
2014-09-27 22:04 - 2014-09-27 22:04 - 00540302 _____ () C:\Users\Sebastian\Downloads\SeaGiant.zip
2014-09-24 17:09 - 2014-09-24 17:09 - 01027788 _____ () C:\Users\Sebastian\Downloads\sb-v3.7z
2014-09-24 08:44 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 08:44 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 21:18 - 2014-09-23 21:22 - 18656495 _____ () C:\Users\Sebastian\Downloads\nightly (1).zip
2014-09-23 20:17 - 2014-09-23 20:17 - 00000000 ____D () C:\Users\Sebastian\Downloads\Postversand
2014-09-23 20:16 - 2014-09-23 20:16 - 01644283 _____ () C:\Users\Sebastian\Downloads\Postversand.zip
2014-09-23 20:03 - 2014-09-23 20:40 - 00036864 _____ () C:\Users\Sebastian\Downloads\Airline Mailing Address.xls
2014-09-22 20:41 - 2014-09-22 20:41 - 02324917 _____ () C:\Users\Sebastian\Downloads\crashcrawlerv8.zip
2014-09-22 18:47 - 2014-10-06 18:00 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-22 18:47 - 2014-09-22 18:47 - 00000000 ____D () C:\ProgramData\Licenses
2014-09-22 18:44 - 2014-09-22 18:44 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-09-22 18:43 - 2014-09-22 18:43 - 21407864 _____ (Simply Super Software ) C:\Users\Sebastian\Downloads\trjsetup690.exe
2014-09-22 15:04 - 2014-10-13 13:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-22 15:04 - 2014-09-22 15:04 - 00004698 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-22 15:04 - 2014-09-22 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-22 15:03 - 2014-10-08 20:30 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-22 15:03 - 2014-10-08 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-22 15:03 - 2014-10-08 20:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-22 15:03 - 2014-09-22 15:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-22 15:03 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-22 15:03 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-22 15:03 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-22 14:58 - 2014-09-22 14:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-22 14:02 - 2014-09-22 14:02 - 18656495 _____ () C:\Users\Sebastian\Downloads\nightly.zip
2014-09-20 12:32 - 2014-09-20 12:32 - 02320830 _____ () C:\Users\Sebastian\Downloads\CrashCrawlerV6.zip
2014-09-18 22:37 - 2014-09-18 22:37 - 00093734 _____ () C:\Users\Sebastian\Downloads\Compensation claim 1.jpeg
2014-09-18 22:37 - 2014-09-18 22:37 - 00082970 _____ () C:\Users\Sebastian\Downloads\Compensation claim 1 1.jpeg
2014-09-18 22:37 - 2014-09-18 22:37 - 00074757 _____ () C:\Users\Sebastian\Downloads\Compensation claim .jpeg
2014-09-18 22:29 - 2014-09-18 22:29 - 00082829 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris  2.jpeg
2014-09-18 22:29 - 2014-09-18 22:29 - 00075826 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris .jpeg
2014-09-18 22:28 - 2014-09-18 22:28 - 00096815 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris  1.jpeg
2014-09-18 01:04 - 2014-09-18 01:04 - 00002613 _____ () C:\Users\Sebastian\Downloads\BR.ALT-Robin.Schulz.and.Alligatoah-Willst.Du-WEB-DE-2014-VOiCE.torrent

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-16 00:35 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-16 00:35 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-16 00:14 - 2014-02-07 07:42 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-15 23:42 - 2014-04-29 17:58 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-15 23:14 - 2014-02-07 07:42 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-15 22:25 - 2014-02-07 07:26 - 01734867 _____ () C:\Windows\WindowsUpdate.log
2014-10-15 20:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-15 20:14 - 2011-04-12 09:43 - 00701996 _____ () C:\Windows\system32\perfh007.dat
2014-10-15 20:14 - 2011-04-12 09:43 - 00150662 _____ () C:\Windows\system32\perfc007.dat
2014-10-15 20:14 - 2009-07-14 07:13 - 01628294 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-15 20:10 - 2014-09-12 19:28 - 00004540 _____ () C:\Windows\setupact.log
2014-10-15 20:10 - 2014-07-30 22:45 - 00006840 _____ () C:\Windows\system32\debug.log
2014-10-15 20:10 - 2014-02-22 13:05 - 00000000 ____D () C:\ProgramData\VMware
2014-10-15 20:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-15 20:09 - 2014-07-20 16:22 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-10-15 20:08 - 2014-02-07 01:37 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Battle.net
2014-10-15 17:19 - 2014-09-12 19:47 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-15 17:16 - 2014-02-07 18:56 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-14 11:35 - 2014-02-18 18:34 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-14 11:35 - 2014-02-07 07:47 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-14 11:35 - 2014-02-07 07:47 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-13 20:30 - 2014-09-13 13:50 - 00019612 _____ () C:\Windows\PFRO.log
2014-10-13 20:30 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-13 20:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-13 20:28 - 2014-02-07 07:33 - 01601638 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-10-13 14:06 - 2014-08-05 19:12 - 00001147 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-10-13 14:06 - 2014-02-07 07:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-13 14:06 - 2014-02-07 07:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-13 14:06 - 2014-02-07 07:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-12 00:54 - 2014-02-11 21:43 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Skype
2014-10-12 00:38 - 2014-02-07 18:22 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\netz
2014-10-07 18:18 - 2014-03-05 23:29 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\HpUpdate
2014-10-06 18:04 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-10-06 18:03 - 2014-02-07 02:23 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-10-06 18:03 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-10-06 17:26 - 2014-02-12 21:34 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2014-10-06 17:26 - 2014-02-12 21:34 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys
2014-10-02 01:41 - 2014-03-19 23:02 - 00000000 ____D () C:\Users\Sebastian\Desktop\Rechnungen refund.me
2014-09-30 01:55 - 2014-02-08 11:14 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\uTorrent
2014-09-25 19:06 - 2014-06-13 19:59 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-24 16:42 - 2014-04-29 17:58 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 16:42 - 2014-04-29 17:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 16:42 - 2014-04-29 17:58 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 09:56 - 2014-02-07 19:00 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-09-23 02:59 - 2014-05-16 00:29 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-09-23 02:59 - 2014-02-22 02:30 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-09-22 18:20 - 2014-08-30 12:43 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest (1)
2014-09-22 18:20 - 2014-08-08 16:25 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest
2014-09-22 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2014-09-22 15:05 - 2014-05-15 12:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-22 15:04 - 2014-05-15 12:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-22 13:56 - 2014-02-18 21:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-22 08:42 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-21 18:36 - 2014-02-08 13:34 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\vlc
2014-09-16 21:25 - 2014-08-30 01:06 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\FileZilla
2014-09-16 02:03 - 2014-06-14 19:30 - 00001112 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-16 02:03 - 2014-06-14 19:30 - 00001100 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk

Some content of TEMP:
====================
C:\Users\Sebastian\AppData\Local\Temp\avgnt.exe
C:\Users\Sebastian\AppData\Local\Temp\Quarantine.exe
C:\Users\Sebastian\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-16 00:03

==================== End Of Log ============================
         
--- --- ---

Alt 16.10.2014, 19:32   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Unbekannter Upload - Standard

Unbekannter Upload



Du kannst ja die ESET Funde am Besten beschreiben. Was soll der Schmarn in dem Desktop Ordner?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 19.10.2014, 00:13   #11
krampf
 
Unbekannter Upload - Standard

Unbekannter Upload



So, ich bin alles vor vorn nochmal durchgegangen, nachdem ich alles gemeldete entfernt habe.


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-10-2014 01
Ran by Sebastian (administrator) on SEBASTIAN-PC on 18-10-2014 21:07:03
Running from C:\Users\Sebastian\Downloads
Loaded Profile: Sebastian (Available profiles: Sebastian)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Namtuk.com) C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(LG Electronics) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Namtuk.com) C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TODO: <Company name>) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64App.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\LG Electronics\Screen Split\bin\DDCCI.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.5134\Battle.net.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
() C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
() C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [374784 2014-01-09] (shbox.de)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-04] (Geek Software GmbH)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-08-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [ScreenSplitter] => C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe [695296 2013-07-24] (LG Electronics)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AEM] => C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe [1721128 2014-07-16] (Namtuk.com)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-10] (Google Inc.)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [2699344 2011-11-26] (Plex, Inc.)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCC7BE164C723CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/", "", "hxxp://www.google.com", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1403882782&from=kmp&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF133361R"
CHR DefaultSearchKeyword: Default -> google.de__
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-06-29]
CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-29]
CHR Extension: (Google-Suche) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-29]
CHR Extension: (AdBlock) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-29]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2014-06-29]
CHR Extension: (Google Wallet) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-07]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2014-06-29]
CHR Extension: (Google Mail) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-29]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AEM Service5; C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe [334848 2014-07-16] (Namtuk.com) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-08-12] (Advanced Micro Devices, Inc.) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed]
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-07-31] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738344 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-07-31] (Hewlett-Packard) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.2.0; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation)
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-03-18] (Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1385272 2013-08-08] (Motorola Solutions, Inc.)
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-04-29] (Echobit, LLC)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-06] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-02-12] (REALiX(tm))
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [114632 2013-08-28] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw02.sys [3599840 2013-10-14] (Intel Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R4 avkmgr; system32\DRIVERS\avkmgr.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Users\SEBAST~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 getbus; \??\C:\Users\SEBAST~1\AppData\Local\Temp\getbus.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-18 16:46 - 2014-10-18 16:46 - 00000000 _____ () C:\ProgramData\rebootpending.txt
2014-10-18 11:21 - 2014-10-18 11:21 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Apple Computer
2014-10-18 11:21 - 2014-10-18 11:21 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Plex Media Server
2014-10-18 11:21 - 2014-10-18 11:21 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Apple Computer
2014-10-18 11:21 - 2014-10-18 11:21 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-10-18 11:20 - 2014-10-18 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-10-18 11:19 - 2014-10-18 11:19 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-10-18 11:16 - 2014-10-18 11:16 - 00000000 ____D () C:\ProgramData\Apple
2014-10-18 11:16 - 2014-10-18 11:16 - 00000000 ____D () C:\Program Files\Bonjour
2014-10-18 11:16 - 2014-10-18 11:16 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-10-18 11:11 - 2014-10-18 11:36 - 173681482 _____ () C:\Users\Sebastian\Downloads\smartshare.zip
2014-10-18 11:11 - 2014-10-18 11:12 - 52385872 _____ (Microsoft Corporation) C:\Users\Sebastian\Downloads\Plex-Media-Server-v0.9.502-en-US.exe
2014-10-16 23:32 - 2014-10-16 23:32 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-16 23:32 - 2014-10-16 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-16 19:55 - 2014-10-16 19:55 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-10-15 19:44 - 2014-10-15 19:44 - 00854417 _____ () C:\Users\Sebastian\Downloads\SecurityCheck.exe
2014-10-15 17:57 - 2014-10-15 17:57 - 02347384 _____ (ESET) C:\Users\Sebastian\Downloads\esetsmartinstaller_deu.exe
2014-10-15 17:15 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 17:15 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 17:15 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 17:15 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 17:15 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 17:15 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 17:15 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 17:15 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 17:15 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 17:15 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 17:15 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 17:15 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 17:15 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 17:15 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 17:15 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 17:15 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 17:15 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 17:15 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 17:15 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 17:15 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 17:15 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 17:15 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 17:15 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 17:15 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 17:15 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 17:15 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 17:15 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 17:15 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 17:15 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 17:15 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 17:15 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 17:15 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 17:15 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 17:15 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 17:15 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 17:15 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 17:15 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 17:15 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 17:15 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 17:15 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 17:15 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 17:15 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 17:15 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 17:15 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 17:15 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 17:15 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 17:15 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 17:15 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 17:15 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 17:15 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 17:15 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 17:15 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 17:15 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 17:15 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 17:15 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 17:15 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 17:15 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 17:15 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 17:15 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 17:15 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 17:15 - 2014-08-19 05:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 17:15 - 2014-08-19 05:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 17:15 - 2014-08-19 05:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 17:15 - 2014-08-19 05:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 17:15 - 2014-08-19 05:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 17:15 - 2014-08-19 05:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 17:15 - 2014-08-19 05:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 17:15 - 2014-08-19 05:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 17:15 - 2014-08-19 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 17:15 - 2014-08-19 05:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 17:15 - 2014-08-19 04:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 17:15 - 2014-08-19 04:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 17:15 - 2014-08-19 04:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 17:15 - 2014-07-07 04:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 17:15 - 2014-07-07 04:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 17:15 - 2014-07-07 04:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 17:15 - 2014-07-07 04:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 17:15 - 2014-07-07 04:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 17:15 - 2014-07-07 04:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 17:15 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 17:15 - 2014-07-07 04:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 17:15 - 2014-07-07 04:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 17:15 - 2014-07-07 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 17:15 - 2014-07-07 03:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 17:15 - 2014-07-07 03:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 17:15 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 17:15 - 2014-07-07 03:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 17:15 - 2014-07-07 03:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 17:15 - 2014-07-07 03:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 17:15 - 2014-07-07 03:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 17:15 - 2014-07-07 03:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 17:15 - 2014-07-07 03:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 17:15 - 2014-06-28 02:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 17:15 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 17:15 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 17:15 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 17:15 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 17:15 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 17:15 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 17:15 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 17:15 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 17:14 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 17:14 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 17:14 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 17:14 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 17:14 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 17:14 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 17:14 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 17:14 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 17:14 - 2014-08-29 04:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 17:14 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 17:14 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 17:14 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 17:14 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 17:14 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 17:14 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 17:14 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 17:14 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 17:14 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 17:14 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 17:14 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-14 09:42 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-10-13 20:28 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-10-13 20:28 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-10-13 20:28 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-10-13 20:28 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-10-13 20:28 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-10-13 20:28 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-13 20:28 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-10-13 20:28 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-10-13 20:28 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-10-13 20:28 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-10-13 20:28 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-10-13 20:28 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-10-13 20:28 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-13 20:28 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-13 20:28 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-10-13 20:28 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-13 20:28 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-10-13 20:28 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-10-13 20:28 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-10-13 20:28 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-10-13 20:28 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-10-13 20:27 - 2012-09-28 02:11 - 00407552 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpcpn140.dll
2014-10-13 20:27 - 2012-09-28 02:05 - 00408576 _____ () C:\Windows\SysWOW64\hpcc3140.DLL
2014-10-13 20:26 - 2012-08-30 19:52 - 00512512 _____ (HP) C:\Windows\SysWOW64\hpcdmc32.DLL
2014-10-13 14:08 - 2014-10-13 14:08 - 00000000 ____D () C:\ProgramData\CloudBerry Explorer for Amazon S3
2014-10-13 14:06 - 2014-10-18 21:06 - 00000000 ____D () C:\Users\Sebastian\Downloads\FRST-OlderVersion
2014-10-13 14:04 - 2014-10-13 14:04 - 00000780 _____ () C:\Users\Sebastian\Desktop\JRT.txt
2014-10-13 14:02 - 2014-10-13 14:02 - 00000000 ____D () C:\Windows\ERUNT
2014-10-13 14:01 - 2014-10-13 14:01 - 01705755 _____ (Thisisu) C:\Users\Sebastian\Downloads\JRT.exe
2014-10-13 13:56 - 2014-10-13 13:58 - 00000000 ____D () C:\AdwCleaner
2014-10-13 13:48 - 2014-10-13 13:48 - 01976320 _____ () C:\Users\Sebastian\Downloads\AdwCleaner_4.000.exe
2014-10-12 23:26 - 2014-10-12 23:26 - 00002775 _____ () C:\Users\Sebastian\Downloads\mailFilters.xml
2014-10-11 10:43 - 2014-10-11 10:43 - 01253033 _____ () C:\Users\Sebastian\Downloads\sb-v8-autoupdater.7z
2014-10-08 20:28 - 2014-10-08 20:30 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-10-06 18:04 - 2014-10-06 18:04 - 00029146 _____ () C:\ComboFix.txt
2014-10-06 17:58 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-10-06 17:58 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-10-06 17:58 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-10-06 17:54 - 2014-10-06 18:04 - 00000000 ____D () C:\Windows\erdnt
2014-10-06 17:54 - 2014-10-06 18:04 - 00000000 ____D () C:\Qoobox
2014-10-06 17:27 - 2014-10-06 17:28 - 05582481 ____R (Swearware) C:\Users\Sebastian\Downloads\ComboFix.exe
2014-10-02 13:02 - 2014-10-02 13:24 - 00000000 ____D () C:\Users\Sebastian\Desktop\mbar
2014-10-02 13:02 - 2014-10-02 13:24 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-10-02 13:00 - 2014-10-02 13:01 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Sebastian\Downloads\mbar-1.07.0.1012.exe
2014-10-02 12:58 - 2014-10-02 12:58 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Sebastian\Downloads\tdsskiller.exe
2014-10-02 12:16 - 2014-10-02 12:16 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition (2).txt
2014-10-02 12:15 - 2014-10-02 12:15 - 00046819 _____ () C:\Users\Sebastian\Downloads\FRST (2).txt
2014-10-02 11:43 - 2014-10-02 11:43 - 00046819 _____ () C:\Users\Sebastian\Downloads\FRST (1).txt
2014-10-02 11:43 - 2014-10-02 11:43 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition (1).txt
2014-10-02 11:37 - 2014-10-02 11:37 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition.txt
2014-10-02 11:36 - 2014-10-18 21:07 - 00021313 _____ () C:\Users\Sebastian\Downloads\FRST.txt
2014-10-02 11:36 - 2014-10-18 21:07 - 00000000 ____D () C:\FRST
2014-10-02 11:35 - 2014-10-18 21:06 - 02112000 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe
2014-09-30 19:25 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 19:25 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-28 13:58 - 2014-09-28 13:59 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\TrafficMonitor
2014-09-28 13:58 - 2014-09-28 13:58 - 00000000 ____D () C:\ProgramData\TrafficMonitor
2014-09-28 13:57 - 2014-09-28 13:57 - 03469477 _____ () C:\Users\Sebastian\Downloads\trafficmsw.zip
2014-09-27 22:04 - 2014-09-27 22:04 - 00540302 _____ () C:\Users\Sebastian\Downloads\SeaGiant.zip
2014-09-24 17:09 - 2014-09-24 17:09 - 01027788 _____ () C:\Users\Sebastian\Downloads\sb-v3.7z
2014-09-24 08:44 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 08:44 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 21:18 - 2014-09-23 21:22 - 18656495 _____ () C:\Users\Sebastian\Downloads\nightly (1).zip
2014-09-23 20:17 - 2014-09-23 20:17 - 00000000 ____D () C:\Users\Sebastian\Downloads\Postversand
2014-09-23 20:16 - 2014-09-23 20:16 - 01644283 _____ () C:\Users\Sebastian\Downloads\Postversand.zip
2014-09-23 20:03 - 2014-09-23 20:40 - 00036864 _____ () C:\Users\Sebastian\Downloads\Airline Mailing Address.xls
2014-09-22 20:41 - 2014-09-22 20:41 - 02324917 _____ () C:\Users\Sebastian\Downloads\crashcrawlerv8.zip
2014-09-22 18:47 - 2014-10-06 18:00 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-22 18:47 - 2014-09-22 18:47 - 00000000 ____D () C:\ProgramData\Licenses
2014-09-22 18:44 - 2014-09-22 18:44 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-09-22 18:43 - 2014-09-22 18:43 - 21407864 _____ (Simply Super Software ) C:\Users\Sebastian\Downloads\trjsetup690.exe
2014-09-22 15:04 - 2014-10-18 17:10 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-22 15:04 - 2014-09-22 15:04 - 00004698 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-22 15:04 - 2014-09-22 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-22 15:03 - 2014-10-08 20:30 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-22 15:03 - 2014-10-08 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-22 15:03 - 2014-10-08 20:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-22 15:03 - 2014-09-22 15:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-22 15:03 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-22 15:03 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-22 15:03 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-22 14:58 - 2014-09-22 14:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-22 14:02 - 2014-09-22 14:02 - 18656495 _____ () C:\Users\Sebastian\Downloads\nightly.zip
2014-09-20 12:32 - 2014-09-20 12:32 - 02320830 _____ () C:\Users\Sebastian\Downloads\CrashCrawlerV6.zip
2014-09-18 22:37 - 2014-09-18 22:37 - 00093734 _____ () C:\Users\Sebastian\Downloads\Compensation claim 1.jpeg
2014-09-18 22:37 - 2014-09-18 22:37 - 00082970 _____ () C:\Users\Sebastian\Downloads\Compensation claim 1 1.jpeg
2014-09-18 22:37 - 2014-09-18 22:37 - 00074757 _____ () C:\Users\Sebastian\Downloads\Compensation claim .jpeg
2014-09-18 22:29 - 2014-09-18 22:29 - 00082829 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris  2.jpeg
2014-09-18 22:29 - 2014-09-18 22:29 - 00075826 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris .jpeg
2014-09-18 22:28 - 2014-09-18 22:28 - 00096815 _____ () C:\Users\Sebastian\Downloads\Compensation claim Joris  1.jpeg
2014-09-18 01:04 - 2014-09-18 01:04 - 00002613 _____ () C:\Users\Sebastian\Downloads\BR.ALT-Robin.Schulz.and.Alligatoah-Willst.Du-WEB-DE-2014-VOiCE.torrent

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-18 21:04 - 2014-02-07 01:37 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Battle.net
2014-10-18 20:42 - 2014-04-29 17:58 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-18 20:14 - 2014-02-07 07:42 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-18 18:09 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-18 18:09 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-18 16:46 - 2014-02-07 07:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-18 12:13 - 2014-02-07 07:26 - 01924562 _____ () C:\Windows\WindowsUpdate.log
2014-10-18 10:26 - 2011-04-12 09:43 - 00701996 _____ () C:\Windows\system32\perfh007.dat
2014-10-18 10:26 - 2011-04-12 09:43 - 00150662 _____ () C:\Windows\system32\perfc007.dat
2014-10-18 10:26 - 2009-07-14 07:13 - 01628294 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-18 10:20 - 2014-02-22 13:05 - 00000000 ____D () C:\ProgramData\VMware
2014-10-18 10:19 - 2014-09-12 19:28 - 00004932 _____ () C:\Windows\setupact.log
2014-10-18 10:19 - 2014-07-30 22:45 - 00007290 _____ () C:\Windows\system32\debug.log
2014-10-18 10:19 - 2014-02-07 07:42 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-18 10:19 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-18 02:39 - 2014-07-20 16:22 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-10-17 00:59 - 2014-02-11 21:43 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Skype
2014-10-16 23:52 - 2014-02-07 18:22 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\netz
2014-10-16 23:32 - 2014-02-11 21:43 - 00000000 ____D () C:\ProgramData\Skype
2014-10-16 19:58 - 2014-02-22 13:07 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\VMware
2014-10-16 19:57 - 2014-02-22 13:07 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\VMware
2014-10-16 08:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 07:24 - 2014-09-13 13:50 - 00020296 _____ () C:\Windows\PFRO.log
2014-10-16 07:24 - 2009-07-14 06:45 - 00328664 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 07:23 - 2014-04-30 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 07:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 07:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-16 03:03 - 2014-02-07 02:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 03:00 - 2014-02-07 02:14 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 17:19 - 2014-09-12 19:47 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-15 17:16 - 2014-02-07 18:56 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-13 20:30 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-13 20:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-13 20:28 - 2014-02-07 07:33 - 01601638 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-10-13 14:06 - 2014-08-05 19:12 - 00001147 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-10-13 14:06 - 2014-02-07 07:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-13 14:06 - 2014-02-07 07:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-07 18:18 - 2014-03-05 23:29 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\HpUpdate
2014-10-06 18:04 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-10-06 18:03 - 2014-02-07 02:23 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-10-06 18:03 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-10-06 17:26 - 2014-02-12 21:34 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2014-10-06 17:26 - 2014-02-12 21:34 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys
2014-10-02 01:41 - 2014-03-19 23:02 - 00000000 ____D () C:\Users\Sebastian\Desktop\Rechnungen refund.me
2014-09-30 01:55 - 2014-02-08 11:14 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\uTorrent
2014-09-25 19:06 - 2014-06-13 19:59 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-24 16:42 - 2014-04-29 17:58 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 16:42 - 2014-04-29 17:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 16:42 - 2014-04-29 17:58 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 09:56 - 2014-02-07 19:00 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-09-23 02:59 - 2014-05-16 00:29 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-09-23 02:59 - 2014-02-22 02:30 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-09-22 18:20 - 2014-08-30 12:43 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest (1)
2014-09-22 18:20 - 2014-08-08 16:25 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest
2014-09-22 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2014-09-22 15:05 - 2014-05-15 12:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-22 15:04 - 2014-05-15 12:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-22 13:56 - 2014-02-18 21:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-22 08:42 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-21 18:36 - 2014-02-08 13:34 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\vlc

Some content of TEMP:
====================
C:\Users\Sebastian\AppData\Local\Temp\avgnt.exe
C:\Users\Sebastian\AppData\Local\Temp\Quarantine.exe
C:\Users\Sebastian\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-16 00:03

==================== End Of Log ============================
         
--- --- ---

Alt 19.10.2014, 00:15   #12
krampf
 
Unbekannter Upload - Standard

Unbekannter Upload



Code:
ATTFilter
21:12:53.0976 0x0cf4  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
21:12:55.0806 0x0cf4  ============================================================
21:12:55.0806 0x0cf4  Current date / time: 2014/10/18 21:12:55.0806
21:12:55.0806 0x0cf4  SystemInfo:
21:12:55.0806 0x0cf4  
21:12:55.0806 0x0cf4  OS Version: 6.1.7601 ServicePack: 1.0
21:12:55.0806 0x0cf4  Product type: Workstation
21:12:55.0806 0x0cf4  ComputerName: SEBASTIAN-PC
21:12:55.0806 0x0cf4  UserName: Sebastian
21:12:55.0806 0x0cf4  Windows directory: C:\Windows
21:12:55.0806 0x0cf4  System windows directory: C:\Windows
21:12:55.0806 0x0cf4  Running under WOW64
21:12:55.0806 0x0cf4  Processor architecture: Intel x64
21:12:55.0806 0x0cf4  Number of processors: 4
21:12:55.0806 0x0cf4  Page size: 0x1000
21:12:55.0806 0x0cf4  Boot type: Normal boot
21:12:55.0806 0x0cf4  ============================================================
21:12:55.0849 0x0cf4  KLMD registered as C:\Windows\system32\drivers\24156953.sys
21:12:55.0942 0x0cf4  System UUID: {FE78A10A-DE45-D547-1B13-58B4FF0E4953}
21:12:56.0270 0x0cf4  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:12:56.0270 0x0cf4  Drive \Device\Harddisk1\DR1 - Size: 0x3A3817D6000 ( 3726.02 Gb ), SectorSize: 0x200, Cylinders: 0x76C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:12:56.0276 0x0cf4  ============================================================
21:12:56.0276 0x0cf4  \Device\Harddisk0\DR0:
21:12:56.0276 0x0cf4  MBR partitions:
21:12:56.0276 0x0cf4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:12:56.0276 0x0cf4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
21:12:56.0276 0x0cf4  \Device\Harddisk1\DR1:
21:12:56.0276 0x0cf4  GPT partitions:
21:12:56.0277 0x0cf4  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E01FF506-7EB2-4E25-AA8E-B07FB398FC36}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
21:12:56.0277 0x0cf4  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EAF328F9-814C-40C6-ABC3-6005FCE88F15}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0xD1BCB000
21:12:56.0277 0x0cf4  MBR partitions:
21:12:56.0277 0x0cf4  ============================================================
21:12:56.0277 0x0cf4  C: <-> \Device\Harddisk0\DR0\Partition2
21:12:56.0278 0x0cf4  E: <-> \Device\Harddisk1\DR1\Partition2
21:12:56.0278 0x0cf4  ============================================================
21:12:56.0278 0x0cf4  Initialize success
21:12:56.0278 0x0cf4  ============================================================
21:13:02.0839 0x106c  ============================================================
21:13:02.0839 0x106c  Scan started
21:13:02.0839 0x106c  Mode: Manual; SigCheck; TDLFS; 
21:13:02.0839 0x106c  ============================================================
21:13:02.0839 0x106c  KSN ping started
21:13:05.0577 0x106c  KSN ping finished: true
21:13:05.0785 0x106c  ================ Scan system memory ========================
21:13:05.0785 0x106c  System memory - ok
21:13:05.0786 0x106c  ================ Scan services =============================
21:13:05.0820 0x106c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:13:05.0857 0x106c  1394ohci - ok
21:13:05.0869 0x106c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:13:05.0883 0x106c  ACPI - ok
21:13:05.0887 0x106c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:13:05.0898 0x106c  AcpiPmi - ok
21:13:05.0903 0x106c  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:13:05.0911 0x106c  AdobeARMservice - ok
21:13:05.0931 0x106c  [ 4ECFCAAE5CB380F58934F0DCF5F64E7F, D82B37E57D93484D7A3CB65470BCD54A578A695F0203A8DD441B1348C1EEA751 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:13:05.0942 0x106c  AdobeFlashPlayerUpdateSvc - ok
21:13:05.0954 0x106c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:13:05.0971 0x106c  adp94xx - ok
21:13:05.0981 0x106c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:13:05.0994 0x106c  adpahci - ok
21:13:06.0001 0x106c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:13:06.0012 0x106c  adpu320 - ok
21:13:06.0019 0x106c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:13:06.0043 0x106c  AeLookupSvc - ok
21:13:06.0053 0x106c  [ 2FAD0C11FFD2E47622B06E5D8BC0DBBE, B0508783F40A8964D490E4B15CD33534CCA5D4D9B9AE0481921D975902795C14 ] AEM Service5    C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe
21:13:06.0063 0x106c  AEM Service5 - detected UnsignedFile.Multi.Generic ( 1 )
21:13:08.0850 0x106c  Detect skipped due to KSN trusted
21:13:08.0850 0x106c  AEM Service5 - ok
21:13:08.0862 0x106c  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
21:13:08.0880 0x106c  AFD - ok
21:13:08.0885 0x106c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
21:13:08.0893 0x106c  agp440 - ok
21:13:08.0898 0x106c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
21:13:08.0908 0x106c  ALG - ok
21:13:08.0912 0x106c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:13:08.0919 0x106c  aliide - ok
21:13:08.0927 0x106c  [ 689760C1BDE6C663CAF996F6BFE093BD, 99EE58B532F69323169C58A2FA88F9A3857A96F2111D3F38C84F71826B4FDEBC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:13:08.0942 0x106c  AMD External Events Utility - ok
21:13:08.0946 0x106c  AMD FUEL Service - ok
21:13:08.0952 0x106c  [ 05120427227F6F088ECA75942ED7ACA9, BD25436EB43C6718F5E6A4C3C24831189D3A893DC87AA0ADED993B7C3126F2E9 ] amdhub30        C:\Windows\system32\DRIVERS\amdhub30.sys
21:13:08.0960 0x106c  amdhub30 - ok
21:13:08.0964 0x106c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:13:08.0972 0x106c  amdide - ok
21:13:08.0977 0x106c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:13:08.0986 0x106c  AmdK8 - ok
21:13:09.0263 0x106c  [ 7A0EEC010B9F5FB20198EF06505AC44F, 8B62E693F82F21342B4B81A9D87850CD63111EA2104A931DBBAF5F41740E859A ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
21:13:09.0560 0x106c  amdkmdag - ok
21:13:09.0597 0x106c  [ 3C355B3D0A3FB9FC3A298D0480D673EF, FC69982C900C7803793E57D5E9542DDB81A87DCA180BC992846EFD9376AF0D71 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
21:13:09.0619 0x106c  amdkmdap - ok
21:13:09.0624 0x106c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:13:09.0633 0x106c  AmdPPM - ok
21:13:09.0639 0x106c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:13:09.0648 0x106c  amdsata - ok
21:13:09.0656 0x106c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:13:09.0667 0x106c  amdsbs - ok
21:13:09.0671 0x106c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:13:09.0679 0x106c  amdxata - ok
21:13:09.0687 0x106c  [ 7DCA2C59491D420947A0B529DB37C7CF, 4673DD141F02801A61FF057BE9DA7FD214C1F9ED31BCB035A8C4E44C579799E4 ] amdxhc          C:\Windows\system32\DRIVERS\amdxhc.sys
21:13:09.0697 0x106c  amdxhc - ok
21:13:09.0703 0x106c  [ 172C69FE64D07BDF5CE24146274F8CB8, 0A36069BA7B1E2C8B00E8E611E5F2AEF3A7571FAEA252752577EF9DE11F343DA ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
21:13:09.0712 0x106c  amd_sata - ok
21:13:09.0716 0x106c  [ A8FD2F5F3E70BE8FF66D2AFC6B6FB051, E5C9CDBEA96B008F2B73E5151B85867128479FBEEADF2500AB16E3B0692AC030 ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
21:13:09.0723 0x106c  amd_xata - ok
21:13:09.0729 0x106c  [ 5A528A540B1AEE8B1C77ED65094E8CDF, 6E3DE68E630B81425056AB58E64721DD41F56491DD2D281CBB86AA7EF9CAD0E0 ] AODDriver4.2.0  C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys
21:13:09.0741 0x106c  AODDriver4.2.0 - ok
21:13:09.0745 0x106c  [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
21:13:09.0753 0x106c  AODDriver4.3 - ok
21:13:09.0758 0x106c  [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID           C:\Windows\system32\drivers\appid.sys
21:13:09.0767 0x106c  AppID - ok
21:13:09.0771 0x106c  [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:13:09.0781 0x106c  AppIDSvc - ok
21:13:09.0786 0x106c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
21:13:09.0796 0x106c  Appinfo - ok
21:13:09.0803 0x106c  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:13:09.0814 0x106c  AppMgmt - ok
21:13:09.0822 0x106c  [ A3C7FC7D3FD8B9FA5FD4B8AF903363D3, 2CCB9380839C4E4AD305F61F13CD5A6B2699C85C8338446AE1F88A0B9048FA04 ] APXACC          C:\Windows\system32\DRIVERS\appexDrv.sys
21:13:09.0833 0x106c  APXACC - ok
21:13:09.0838 0x106c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
21:13:09.0847 0x106c  arc - ok
21:13:09.0852 0x106c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:13:09.0861 0x106c  arcsas - ok
21:13:09.0873 0x106c  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:13:09.0883 0x106c  aspnet_state - ok
21:13:09.0887 0x106c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:13:09.0910 0x106c  AsyncMac - ok
21:13:09.0914 0x106c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:13:09.0921 0x106c  atapi - ok
21:13:09.0928 0x106c  [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
21:13:09.0938 0x106c  AtiHDAudioService - ok
21:13:09.0954 0x106c  [ 2C1B6A64294F2182DC4999F923873974, 6D611636D849631BB1F852DC03A98BBFEC4D797A2707CA63427E187F0725A796 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:13:09.0974 0x106c  AudioEndpointBuilder - ok
21:13:09.0989 0x106c  [ 2C1B6A64294F2182DC4999F923873974, 6D611636D849631BB1F852DC03A98BBFEC4D797A2707CA63427E187F0725A796 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:13:10.0009 0x106c  AudioSrv - ok
21:13:10.0017 0x106c  [ 485B85B3FF68FB7454984CB92A0532D9, 287F6C6ADF3D96C8AC1BD1FFAD82563DA72A26CF0DECDEA7E987A020EBE06552 ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
21:13:10.0026 0x106c  Avira.OE.ServiceHost - ok
21:13:10.0030 0x106c  avkmgr - ok
21:13:10.0037 0x106c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:13:10.0050 0x106c  AxInstSV - ok
21:13:10.0062 0x106c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:13:10.0078 0x106c  b06bdrv - ok
21:13:10.0087 0x106c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:13:10.0100 0x106c  b57nd60a - ok
21:13:10.0108 0x106c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:13:10.0118 0x106c  BDESVC - ok
21:13:10.0121 0x106c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:13:10.0144 0x106c  Beep - ok
21:13:10.0161 0x106c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
21:13:10.0182 0x106c  BFE - ok
21:13:10.0201 0x106c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
21:13:10.0239 0x106c  BITS - ok
21:13:10.0244 0x106c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:13:10.0254 0x106c  blbdrive - ok
21:13:10.0279 0x106c  [ E7429ECD0C47CC065EEACF7E9D0E6341, 10D8231E14C908A0949108EB5F84E17BA10ABFC370D0C5F65945B23879AB12BF ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
21:13:10.0306 0x106c  Bluetooth Device Monitor - ok
21:13:10.0339 0x106c  [ 0F432B34D80351EFC5E35F14D9798CFD, 591D913E069C1C69212A7742D7182E24E669FE7B50680D8D337F32CF9F72B163 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
21:13:10.0369 0x106c  Bluetooth Media Service - ok
21:13:10.0398 0x106c  [ 96924B1D3060B0C0FFD77D01CB234D9F, 2A02EEC4092646A0BD26B8E8BA8B75F82EB6F46003C56C9A838E412006457DD2 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
21:13:10.0424 0x106c  Bluetooth OBEX Service - ok
21:13:10.0435 0x106c  [ F832F1505AD8B83474BD9A5B1B985E01, 205D9F237DD50FDF84F57CC53476B5ADB218A03A8B68B017AFF7CBD0DCAC71C4 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
21:13:10.0447 0x106c  Bonjour Service - ok
21:13:10.0454 0x106c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:13:10.0463 0x106c  bowser - ok
21:13:10.0467 0x106c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:13:10.0477 0x106c  BrFiltLo - ok
21:13:10.0480 0x106c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:13:10.0491 0x106c  BrFiltUp - ok
21:13:10.0496 0x106c  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
21:13:10.0520 0x106c  BridgeMP - ok
21:13:10.0527 0x106c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
21:13:10.0538 0x106c  Browser - ok
21:13:10.0546 0x106c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:13:10.0560 0x106c  Brserid - ok
21:13:10.0565 0x106c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:13:10.0575 0x106c  BrSerWdm - ok
21:13:10.0579 0x106c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:13:10.0589 0x106c  BrUsbMdm - ok
21:13:10.0594 0x106c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:13:10.0602 0x106c  BrUsbSer - ok
21:13:10.0607 0x106c  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
21:13:10.0616 0x106c  BthEnum - ok
21:13:10.0624 0x106c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:13:10.0636 0x106c  BTHMODEM - ok
21:13:10.0641 0x106c  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
21:13:10.0653 0x106c  BthPan - ok
21:13:10.0667 0x106c  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
21:13:10.0684 0x106c  BTHPORT - ok
21:13:10.0690 0x106c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
21:13:10.0715 0x106c  bthserv - ok
21:13:10.0720 0x106c  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
21:13:10.0729 0x106c  BTHUSB - ok
21:13:10.0735 0x106c  [ BD64048EE0186D7988943327D677AC84, 436910AEDDBAED02A8E71BA0A96EBDE1906B20AA29F02BE2B20946898B4B0C27 ] btmaudio        C:\Windows\system32\drivers\btmaud.sys
21:13:10.0743 0x106c  btmaudio - ok
21:13:10.0749 0x106c  [ 5B8D71504FA8BFA308F6E1169B89D322, 1DC0CF47C5F655EA0F0992020C17A86D05637F55ACBB17380283EBB883A4D14D ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys
21:13:10.0758 0x106c  btmaux - ok
21:13:10.0790 0x106c  [ D66F3A4F11E42142722DCF9DC5A451D6, 6576421E24ABB4F0A7B5EFB5CF6F9C6F510AFDD0087415D57A5ABBB0866B3E39 ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys
21:13:10.0820 0x106c  btmhsf - ok
21:13:10.0827 0x106c  catchme - ok
21:13:10.0833 0x106c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:13:10.0857 0x106c  cdfs - ok
21:13:10.0866 0x106c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
21:13:10.0879 0x106c  cdrom - ok
21:13:10.0884 0x106c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:13:10.0908 0x106c  CertPropSvc - ok
21:13:10.0912 0x106c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:13:10.0923 0x106c  circlass - ok
21:13:10.0933 0x106c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
21:13:10.0947 0x106c  CLFS - ok
21:13:10.0995 0x106c  [ EDAD3D6932E4CB7D92F19FEE0238C29D, 8AE3F923CDBBF08ABB401B53D7E743DBD91C64E28AB7A17D7BAB1EF585A8FE4F ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
21:13:11.0046 0x106c  ClickToRunSvc - ok
21:13:11.0055 0x106c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:13:11.0063 0x106c  clr_optimization_v2.0.50727_32 - ok
21:13:11.0070 0x106c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:13:11.0078 0x106c  clr_optimization_v2.0.50727_64 - ok
21:13:11.0088 0x106c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:13:11.0099 0x106c  clr_optimization_v4.0.30319_32 - ok
21:13:11.0106 0x106c  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:13:11.0117 0x106c  clr_optimization_v4.0.30319_64 - ok
21:13:11.0121 0x106c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
21:13:11.0130 0x106c  CmBatt - ok
21:13:11.0134 0x106c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:13:11.0142 0x106c  cmdide - ok
21:13:11.0154 0x106c  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
21:13:11.0174 0x106c  CNG - ok
21:13:11.0178 0x106c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:13:11.0186 0x106c  Compbatt - ok
21:13:11.0190 0x106c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:13:11.0201 0x106c  CompositeBus - ok
21:13:11.0204 0x106c  COMSysApp - ok
21:13:11.0230 0x106c  cpuz136 - ok
21:13:11.0234 0x106c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:13:11.0242 0x106c  crcdisk - ok
21:13:11.0252 0x106c  [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:13:11.0264 0x106c  CryptSvc - ok
21:13:11.0277 0x106c  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
21:13:11.0294 0x106c  CSC - ok
21:13:11.0309 0x106c  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
21:13:11.0331 0x106c  CscService - ok
21:13:11.0338 0x106c  [ 106838084C284C06D01C6C5370F7C5D3, 977096D7C4218E123306FB191C69F6642505DA17D0AE25D6BFFECD029B055BC1 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
21:13:11.0346 0x106c  dc3d - ok
21:13:11.0362 0x106c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:13:11.0393 0x106c  DcomLaunch - ok
21:13:11.0402 0x106c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:13:11.0430 0x106c  defragsvc - ok
21:13:11.0435 0x106c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:13:11.0459 0x106c  DfsC - ok
21:13:11.0468 0x106c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:13:11.0482 0x106c  Dhcp - ok
21:13:11.0486 0x106c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
21:13:11.0510 0x106c  discache - ok
21:13:11.0514 0x106c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
21:13:11.0523 0x106c  Disk - ok
21:13:11.0527 0x106c  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
21:13:11.0537 0x106c  dmvsc - ok
21:13:11.0544 0x106c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:13:11.0556 0x106c  Dnscache - ok
21:13:11.0564 0x106c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:13:11.0590 0x106c  dot3svc - ok
21:13:11.0597 0x106c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
21:13:11.0623 0x106c  DPS - ok
21:13:11.0627 0x106c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:13:11.0636 0x106c  drmkaud - ok
21:13:11.0656 0x106c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:13:11.0681 0x106c  DXGKrnl - ok
21:13:11.0688 0x106c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
21:13:11.0713 0x106c  EapHost - ok
21:13:11.0777 0x106c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:13:11.0843 0x106c  ebdrv - ok
21:13:11.0853 0x106c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
21:13:11.0863 0x106c  EFS - ok
21:13:11.0879 0x106c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:13:11.0900 0x106c  ehRecvr - ok
21:13:11.0906 0x106c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
21:13:11.0916 0x106c  ehSched - ok
21:13:11.0931 0x106c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:13:11.0948 0x106c  elxstor - ok
21:13:11.0952 0x106c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:13:11.0961 0x106c  ErrDev - ok
21:13:11.0966 0x106c  [ 84486624268E078255BC7AA47F0960BC, EC2540698B974572F0AC4A93D57C63295BAF66BF50F7416B9DFF5DE790EBDBE7 ] etdrv           C:\Windows\etdrv.sys
21:13:11.0973 0x106c  etdrv - ok
21:13:11.0986 0x106c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
21:13:12.0016 0x106c  EventSystem - ok
21:13:12.0020 0x106c  [ A0539478593A00AA64E600CF7E19F195, BD835D70F3EE9BFEFFABE747AD65BC97C73AD8042F653BF93535277FB0CBD4CE ] EvolveVirtualAdapter C:\Windows\system32\DRIVERS\evolve.sys
21:13:12.0029 0x106c  EvolveVirtualAdapter - ok
21:13:12.0035 0x106c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:13:12.0061 0x106c  exfat - ok
21:13:12.0068 0x106c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:13:12.0095 0x106c  fastfat - ok
21:13:12.0110 0x106c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
21:13:12.0131 0x106c  Fax - ok
21:13:12.0136 0x106c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
21:13:12.0145 0x106c  fdc - ok
21:13:12.0149 0x106c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
21:13:12.0173 0x106c  fdPHost - ok
21:13:12.0177 0x106c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:13:12.0200 0x106c  FDResPub - ok
21:13:12.0205 0x106c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:13:12.0213 0x106c  FileInfo - ok
21:13:12.0217 0x106c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:13:12.0241 0x106c  Filetrace - ok
21:13:12.0245 0x106c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:13:12.0253 0x106c  flpydisk - ok
21:13:12.0261 0x106c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:13:12.0274 0x106c  FltMgr - ok
21:13:12.0300 0x106c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
21:13:12.0330 0x106c  FontCache - ok
21:13:12.0336 0x106c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:13:12.0344 0x106c  FontCache3.0.0.0 - ok
21:13:12.0348 0x106c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:13:12.0356 0x106c  FsDepends - ok
21:13:12.0360 0x106c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:13:12.0368 0x106c  Fs_Rec - ok
21:13:12.0376 0x106c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:13:12.0390 0x106c  fvevol - ok
21:13:12.0395 0x106c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:13:12.0404 0x106c  gagp30kx - ok
21:13:12.0416 0x106c  [ 50FFA2F6A5BEC5BB7C39AAB76EEA3C58, E7B0934FF69994F61D9186BF28EE8EAADEB4F64BC6FAE895B2602DAC3B311235 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
21:13:12.0430 0x106c  Garmin Core Update Service - ok
21:13:12.0435 0x106c  [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv            C:\Windows\gdrv.sys
21:13:12.0442 0x106c  gdrv - ok
21:13:12.0466 0x106c  getbus - ok
21:13:12.0495 0x106c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:13:12.0531 0x106c  gpsvc - ok
21:13:12.0537 0x106c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:13:12.0545 0x106c  gupdate - ok
21:13:12.0551 0x106c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:13:12.0559 0x106c  gupdatem - ok
21:13:12.0564 0x106c  [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64        C:\Windows\GVTDrv64.sys
21:13:12.0572 0x106c  GVTDrv64 - ok
21:13:12.0579 0x106c  [ 6E02DDFFA0E8C069A92A0888B0CB8415, 44816EA24121AD0C9EB8048BED9250D7992CD0C0ABA69C3269A633D48297B7A7 ] hcmon           C:\Windows\system32\drivers\hcmon.sys
21:13:12.0587 0x106c  hcmon - ok
21:13:12.0591 0x106c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:13:12.0600 0x106c  hcw85cir - ok
21:13:12.0610 0x106c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:13:12.0627 0x106c  HdAudAddService - ok
21:13:12.0632 0x106c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:13:12.0645 0x106c  HDAudBus - ok
21:13:12.0652 0x106c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:13:12.0661 0x106c  HidBatt - ok
21:13:12.0668 0x106c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:13:12.0680 0x106c  HidBth - ok
21:13:12.0686 0x106c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:13:12.0697 0x106c  HidIr - ok
21:13:12.0702 0x106c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
21:13:12.0726 0x106c  hidserv - ok
21:13:12.0730 0x106c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:13:12.0739 0x106c  HidUsb - ok
21:13:12.0744 0x106c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:13:12.0768 0x106c  hkmsvc - ok
21:13:12.0776 0x106c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:13:12.0789 0x106c  HomeGroupListener - ok
21:13:12.0796 0x106c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:13:12.0808 0x106c  HomeGroupProvider - ok
21:13:12.0812 0x106c  [ 86724A200BF1F08A03FB563660FCD928, E2BDD30D7AFECB0F517BB02C788C93D506FB2B180DCA239BC4A1FEDB1E986EAD ] HP DS Service   C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
21:13:12.0816 0x106c  HP DS Service - detected UnsignedFile.Multi.Generic ( 1 )
21:13:15.0605 0x106c  Detect skipped due to KSN trusted
21:13:15.0605 0x106c  HP DS Service - ok
21:13:15.0613 0x106c  [ 9C42E435F629CD8512BECFA082762425, BC817D05E5B8BE05CAB05F075A2C0B3CCF39E6BBD924BD0040C698F4D4580677 ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
21:13:15.0619 0x106c  HP LaserJet Service - detected UnsignedFile.Multi.Generic ( 1 )
21:13:18.0407 0x106c  Detect skipped due to KSN trusted
21:13:18.0407 0x106c  HP LaserJet Service - ok
21:13:18.0411 0x106c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:13:18.0420 0x106c  HpSAMD - ok
21:13:18.0440 0x106c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:13:18.0476 0x106c  HTTP - ok
21:13:18.0482 0x106c  [ D7E0591E2BA1289C875A9D948377441E, 9FDBC10A4FBCE2E9521DF84E177A08530DF6FBF1F830B3D3788367DF8F8ED327 ] HWiNFO32        C:\Windows\system32\drivers\HWiNFO64A.SYS
21:13:18.0490 0x106c  HWiNFO32 - ok
21:13:18.0494 0x106c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:13:18.0502 0x106c  hwpolicy - ok
21:13:18.0507 0x106c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:13:18.0518 0x106c  i8042prt - ok
21:13:18.0530 0x106c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:13:18.0544 0x106c  iaStorV - ok
21:13:18.0553 0x106c  [ 42AC8F419412AFEB326C411DB1753C2F, 949D99261207502D8CAB6715980D584018BE9EAFE15C0ACF7FDAD25121BD42B4 ] ibtusb          C:\Windows\system32\DRIVERS\ibtusb.sys
21:13:18.0562 0x106c  ibtusb - ok
21:13:18.0569 0x106c  [ 33D4D4A24791587E83F7EE05A446FB7E, 081E48AF76D7D3A71850A4C910EFBB0B280235E2A5303178B0338230F4BA2DE2 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
21:13:18.0575 0x106c  ICCS - detected UnsignedFile.Multi.Generic ( 1 )
21:13:21.0368 0x106c  Detect skipped due to KSN trusted
21:13:21.0368 0x106c  ICCS - ok
21:13:21.0374 0x106c  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:13:21.0379 0x106c  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
21:13:24.0058 0x106c  Detect skipped due to KSN trusted
21:13:24.0058 0x106c  IDriverT - ok
21:13:24.0077 0x106c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:13:24.0099 0x106c  idsvc - ok
21:13:24.0104 0x106c  IEEtwCollectorService - ok
21:13:24.0109 0x106c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:13:24.0117 0x106c  iirsp - ok
21:13:24.0137 0x106c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
21:13:24.0161 0x106c  IKEEXT - ok
21:13:24.0242 0x106c  [ 07E34A18AB9DAD1F680B1066D9782BFB, 62285189743CAA57B0108D8D4A197E5BB22143311026AD4AC5BA7BBEA7DC4299 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:13:24.0315 0x106c  IntcAzAudAddService - ok
21:13:24.0324 0x106c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:13:24.0332 0x106c  intelide - ok
21:13:24.0337 0x106c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
21:13:24.0347 0x106c  intelppm - ok
21:13:24.0355 0x106c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:13:24.0381 0x106c  IPBusEnum - ok
21:13:24.0386 0x106c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:13:24.0409 0x106c  IpFilterDriver - ok
21:13:24.0425 0x106c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:13:24.0445 0x106c  iphlpsvc - ok
21:13:24.0450 0x106c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:13:24.0460 0x106c  IPMIDRV - ok
21:13:24.0465 0x106c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:13:24.0490 0x106c  IPNAT - ok
21:13:24.0494 0x106c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:13:24.0505 0x106c  IRENUM - ok
21:13:24.0509 0x106c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:13:24.0517 0x106c  isapnp - ok
21:13:24.0526 0x106c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:13:24.0538 0x106c  iScsiPrt - ok
21:13:24.0543 0x106c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:13:24.0551 0x106c  kbdclass - ok
21:13:24.0556 0x106c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:13:24.0565 0x106c  kbdhid - ok
21:13:24.0570 0x106c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
21:13:24.0579 0x106c  KeyIso - ok
21:13:24.0584 0x106c  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:13:24.0593 0x106c  KSecDD - ok
21:13:24.0600 0x106c  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:13:24.0610 0x106c  KSecPkg - ok
21:13:24.0614 0x106c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:13:24.0638 0x106c  ksthunk - ok
21:13:24.0649 0x106c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:13:24.0679 0x106c  KtmRm - ok
21:13:24.0687 0x106c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
21:13:24.0714 0x106c  LanmanServer - ok
21:13:24.0720 0x106c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:13:24.0745 0x106c  LanmanWorkstation - ok
21:13:24.0751 0x106c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:13:24.0775 0x106c  lltdio - ok
21:13:24.0784 0x106c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:13:24.0813 0x106c  lltdsvc - ok
21:13:24.0821 0x106c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:13:24.0844 0x106c  lmhosts - ok
21:13:24.0853 0x106c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:13:24.0863 0x106c  LSI_FC - ok
21:13:24.0869 0x106c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:13:24.0878 0x106c  LSI_SAS - ok
21:13:24.0883 0x106c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:13:24.0892 0x106c  LSI_SAS2 - ok
21:13:24.0897 0x106c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:13:24.0907 0x106c  LSI_SCSI - ok
21:13:24.0912 0x106c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:13:24.0937 0x106c  luafv - ok
21:13:24.0942 0x106c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:13:24.0953 0x106c  Mcx2Svc - ok
21:13:24.0957 0x106c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:13:24.0965 0x106c  megasas - ok
21:13:24.0974 0x106c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:13:24.0986 0x106c  MegaSR - ok
21:13:24.0992 0x106c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
21:13:25.0017 0x106c  MMCSS - ok
21:13:25.0021 0x106c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
21:13:25.0045 0x106c  Modem - ok
21:13:25.0048 0x106c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:13:25.0059 0x106c  monitor - ok
21:13:25.0063 0x106c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:13:25.0071 0x106c  mouclass - ok
21:13:25.0075 0x106c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:13:25.0084 0x106c  mouhid - ok
21:13:25.0090 0x106c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:13:25.0098 0x106c  mountmgr - ok
21:13:25.0107 0x106c  [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
21:13:25.0121 0x106c  MpFilter - ok
21:13:25.0127 0x106c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:13:25.0137 0x106c  mpio - ok
21:13:25.0142 0x106c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:13:25.0167 0x106c  mpsdrv - ok
21:13:25.0184 0x106c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:13:25.0222 0x106c  MpsSvc - ok
21:13:25.0229 0x106c  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:13:25.0240 0x106c  MRxDAV - ok
21:13:25.0247 0x106c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:13:25.0258 0x106c  mrxsmb - ok
21:13:25.0269 0x106c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:13:25.0282 0x106c  mrxsmb10 - ok
21:13:25.0288 0x106c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:13:25.0299 0x106c  mrxsmb20 - ok
21:13:25.0303 0x106c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:13:25.0311 0x106c  msahci - ok
21:13:25.0317 0x106c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:13:25.0327 0x106c  msdsm - ok
21:13:25.0332 0x106c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
21:13:25.0344 0x106c  MSDTC - ok
21:13:25.0351 0x106c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:13:25.0374 0x106c  Msfs - ok
21:13:25.0378 0x106c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:13:25.0401 0x106c  mshidkmdf - ok
21:13:25.0405 0x106c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:13:25.0412 0x106c  msisadrv - ok
21:13:25.0420 0x106c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:13:25.0446 0x106c  MSiSCSI - ok
21:13:25.0449 0x106c  msiserver - ok
21:13:25.0453 0x106c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:13:25.0477 0x106c  MSKSSRV - ok
21:13:25.0481 0x106c  [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
21:13:25.0489 0x106c  MsMpSvc - ok
21:13:25.0493 0x106c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:13:25.0516 0x106c  MSPCLOCK - ok
21:13:25.0519 0x106c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:13:25.0543 0x106c  MSPQM - ok
21:13:25.0553 0x106c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:13:25.0566 0x106c  MsRPC - ok
21:13:25.0572 0x106c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:13:25.0580 0x106c  mssmbios - ok
21:13:25.0584 0x106c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:13:25.0607 0x106c  MSTEE - ok
21:13:25.0610 0x106c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:13:25.0620 0x106c  MTConfig - ok
21:13:25.0624 0x106c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:13:25.0632 0x106c  Mup - ok
21:13:25.0645 0x106c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:13:25.0676 0x106c  napagent - ok
21:13:25.0685 0x106c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:13:25.0702 0x106c  NativeWifiP - ok
21:13:25.0723 0x106c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:13:25.0747 0x106c  NDIS - ok
21:13:25.0752 0x106c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:13:25.0776 0x106c  NdisCap - ok
21:13:25.0779 0x106c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:13:25.0803 0x106c  NdisTapi - ok
21:13:25.0807 0x106c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:13:25.0831 0x106c  Ndisuio - ok
21:13:25.0837 0x106c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:13:25.0862 0x106c  NdisWan - ok
21:13:25.0867 0x106c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:13:25.0894 0x106c  NDProxy - ok
21:13:25.0898 0x106c  [ 1AB24A3DF1A458FA517364CBD69CCDF6, F5C751CF68E0C05E0CBDBE917A54AC012B20469F7E9880DCC7852C6A61869456 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:13:25.0903 0x106c  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
21:13:28.0691 0x106c  Detect skipped due to KSN trusted
21:13:28.0691 0x106c  Net Driver HPZ12 - ok
21:13:28.0700 0x106c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:13:28.0724 0x106c  NetBIOS - ok
21:13:28.0732 0x106c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:13:28.0759 0x106c  NetBT - ok
21:13:28.0767 0x106c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
21:13:28.0776 0x106c  Netlogon - ok
21:13:28.0786 0x106c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:13:28.0815 0x106c  Netman - ok
21:13:28.0831 0x106c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:13:28.0842 0x106c  NetMsmqActivator - ok
21:13:28.0848 0x106c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:13:28.0859 0x106c  NetPipeActivator - ok
21:13:28.0871 0x106c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:13:28.0903 0x106c  netprofm - ok
21:13:28.0913 0x106c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:13:28.0924 0x106c  NetTcpActivator - ok
21:13:28.0930 0x106c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:13:28.0940 0x106c  NetTcpPortSharing - ok
21:13:29.0014 0x106c  [ C765243896D8D734FD667AE42B0FB40B, B2D00B0D82450C4EA191D241D538D839400214C587CCB3FE3EE99709093825E1 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwsw02.sys
21:13:29.0085 0x106c  NETwNs64 - ok
21:13:29.0095 0x106c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:13:29.0103 0x106c  nfrd960 - ok
21:13:29.0108 0x106c  [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
21:13:29.0122 0x106c  NisDrv - ok
21:13:29.0131 0x106c  [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
21:13:29.0147 0x106c  NisSrv - ok
21:13:29.0157 0x106c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:13:29.0171 0x106c  NlaSvc - ok
21:13:29.0175 0x106c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:13:29.0199 0x106c  Npfs - ok
21:13:29.0202 0x106c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
21:13:29.0226 0x106c  nsi - ok
21:13:29.0231 0x106c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:13:29.0254 0x106c  nsiproxy - ok
21:13:29.0291 0x106c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:13:29.0328 0x106c  Ntfs - ok
21:13:29.0336 0x106c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:13:29.0359 0x106c  Null - ok
21:13:29.0365 0x106c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:13:29.0375 0x106c  nvraid - ok
21:13:29.0382 0x106c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:13:29.0392 0x106c  nvstor - ok
21:13:29.0397 0x106c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:13:29.0407 0x106c  nv_agp - ok
21:13:29.0411 0x106c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:13:29.0421 0x106c  ohci1394 - ok
21:13:29.0427 0x106c  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:13:29.0437 0x106c  ose - ok
21:13:29.0530 0x106c  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:13:29.0630 0x106c  osppsvc - ok
21:13:29.0647 0x106c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:13:29.0662 0x106c  p2pimsvc - ok
21:13:29.0673 0x106c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:13:29.0690 0x106c  p2psvc - ok
21:13:29.0695 0x106c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
21:13:29.0706 0x106c  Parport - ok
21:13:29.0711 0x106c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:13:29.0719 0x106c  partmgr - ok
21:13:29.0726 0x106c  [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:13:29.0738 0x106c  PcaSvc - ok
21:13:29.0744 0x106c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
21:13:29.0755 0x106c  pci - ok
21:13:29.0759 0x106c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:13:29.0766 0x106c  pciide - ok
21:13:29.0774 0x106c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:13:29.0785 0x106c  pcmcia - ok
21:13:29.0791 0x106c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:13:29.0799 0x106c  pcw - ok
21:13:29.0835 0x106c  [ D0AD1271494EB9E065E902D1013BC369, 0E4DB28B5C348DF44BADC64FB8BCDA563D0515A75F0F14FD076BC39AF19BD65F ] PDF Architect 2 C:\Program Files (x86)\PDF Architect 2\ws.exe
21:13:29.0873 0x106c  PDF Architect 2 - ok
21:13:29.0893 0x106c  [ 835E1A0AB522271FFA66E40875AB649A, EBAD6126E16593B1BEB6958772A04A8CF46B587D494E8DA2349636BF93E6900C ] PDF Architect 2 Creator C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
21:13:29.0912 0x106c  PDF Architect 2 Creator - ok
21:13:29.0932 0x106c  [ 89436BB836F6737F19EB2B78250E414E, 9140F42CACDDC0979B90553D43A1FA1296DD829E6235D272F9DF3670613445CF ] pdfforge CrashHandler C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
21:13:29.0953 0x106c  pdfforge CrashHandler - ok
21:13:29.0970 0x106c  [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:13:29.0990 0x106c  PEAUTH - ok
21:13:30.0020 0x106c  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
21:13:30.0054 0x106c  PeerDistSvc - ok
21:13:30.0073 0x106c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:13:30.0082 0x106c  PerfHost - ok
21:13:30.0114 0x106c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
21:13:30.0162 0x106c  pla - ok
21:13:30.0177 0x106c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:13:30.0193 0x106c  PlugPlay - ok
21:13:30.0198 0x106c  [ 17A0A09C8C1CA72BBFB3D9E3B0A5E018, C8BF101BAB6D5400F892EE92F2E788A7096192A417707C4FA91F54EE2C29D394 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:13:30.0203 0x106c  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
21:13:32.0989 0x106c  Detect skipped due to KSN trusted
21:13:32.0989 0x106c  Pml Driver HPZ12 - ok
21:13:32.0993 0x106c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:13:33.0003 0x106c  PNRPAutoReg - ok
21:13:33.0012 0x106c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:13:33.0026 0x106c  PNRPsvc - ok
21:13:33.0031 0x106c  [ 8E0ACA1C5D6516E5E2E7A7AA5D44D704, 9CCE2FCBEDD21E1EA4A0476B4886DC6C6493CCBAB27AF23E83B0B0B646D8C520 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
21:13:33.0040 0x106c  Point64 - ok
21:13:33.0052 0x106c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:13:33.0083 0x106c  PolicyAgent - ok
21:13:33.0092 0x106c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
21:13:33.0119 0x106c  Power - ok
21:13:33.0124 0x106c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:13:33.0148 0x106c  PptpMiniport - ok
21:13:33.0153 0x106c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
21:13:33.0163 0x106c  Processor - ok
21:13:33.0170 0x106c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:13:33.0183 0x106c  ProfSvc - ok
21:13:33.0187 0x106c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:13:33.0197 0x106c  ProtectedStorage - ok
21:13:33.0202 0x106c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:13:33.0227 0x106c  Psched - ok
21:13:33.0257 0x106c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:13:33.0292 0x106c  ql2300 - ok
21:13:33.0300 0x106c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:13:33.0310 0x106c  ql40xx - ok
21:13:33.0318 0x106c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
21:13:33.0335 0x106c  QWAVE - ok
21:13:33.0340 0x106c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:13:33.0352 0x106c  QWAVEdrv - ok
21:13:33.0355 0x106c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:13:33.0378 0x106c  RasAcd - ok
21:13:33.0383 0x106c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:13:33.0407 0x106c  RasAgileVpn - ok
21:13:33.0413 0x106c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
21:13:33.0438 0x106c  RasAuto - ok
21:13:33.0444 0x106c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:13:33.0468 0x106c  Rasl2tp - ok
21:13:33.0479 0x106c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
21:13:33.0508 0x106c  RasMan - ok
21:13:33.0514 0x106c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:13:33.0538 0x106c  RasPppoe - ok
21:13:33.0543 0x106c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:13:33.0567 0x106c  RasSstp - ok
21:13:33.0577 0x106c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:13:33.0604 0x106c  rdbss - ok
21:13:33.0608 0x106c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:13:33.0619 0x106c  rdpbus - ok
21:13:33.0622 0x106c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:13:33.0645 0x106c  RDPCDD - ok
21:13:33.0654 0x106c  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:13:33.0665 0x106c  RDPDR - ok
21:13:33.0669 0x106c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:13:33.0692 0x106c  RDPENCDD - ok
21:13:33.0698 0x106c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:13:33.0721 0x106c  RDPREFMP - ok
21:13:33.0727 0x106c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:13:33.0736 0x106c  RdpVideoMiniport - ok
21:13:33.0744 0x106c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:13:33.0756 0x106c  RDPWD - ok
21:13:33.0763 0x106c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:13:33.0774 0x106c  rdyboost - ok
21:13:33.0780 0x106c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:13:33.0805 0x106c  RemoteAccess - ok
21:13:33.0813 0x106c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:13:33.0839 0x106c  RemoteRegistry - ok
21:13:33.0846 0x106c  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
21:13:33.0858 0x106c  RFCOMM - ok
21:13:33.0864 0x106c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:13:33.0889 0x106c  RpcEptMapper - ok
21:13:33.0893 0x106c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:13:33.0902 0x106c  RpcLocator - ok
21:13:33.0916 0x106c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
21:13:33.0949 0x106c  RpcSs - ok
21:13:33.0954 0x106c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:13:33.0979 0x106c  rspndr - ok
21:13:33.0998 0x106c  [ 7F4F11527AF5A7E4526CB6A146B3E40C, 705177014374AB2F12AF4558344C35C206C2820BD1A16770173EA10D094D182B ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
21:13:34.0016 0x106c  RTL8167 - ok
21:13:34.0021 0x106c  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
21:13:34.0029 0x106c  s3cap - ok
21:13:34.0034 0x106c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
21:13:34.0043 0x106c  SamSs - ok
21:13:34.0049 0x106c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:13:34.0058 0x106c  sbp2port - ok
21:13:34.0066 0x106c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:13:34.0092 0x106c  SCardSvr - ok
21:13:34.0096 0x106c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:13:34.0119 0x106c  scfilter - ok
21:13:34.0141 0x106c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
21:13:34.0202 0x106c  Schedule - ok
21:13:34.0208 0x106c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:13:34.0231 0x106c  SCPolicySvc - ok
21:13:34.0238 0x106c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:13:34.0250 0x106c  SDRSVC - ok
21:13:34.0254 0x106c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:13:34.0277 0x106c  secdrv - ok
21:13:34.0280 0x106c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
21:13:34.0304 0x106c  seclogon - ok
21:13:34.0310 0x106c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
21:13:34.0335 0x106c  SENS - ok
21:13:34.0338 0x106c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:13:34.0348 0x106c  SensrSvc - ok
21:13:34.0352 0x106c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:13:34.0361 0x106c  Serenum - ok
21:13:34.0370 0x106c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:13:34.0382 0x106c  Serial - ok
21:13:34.0386 0x106c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:13:34.0395 0x106c  sermouse - ok
21:13:34.0407 0x106c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
21:13:34.0431 0x106c  SessionEnv - ok
21:13:34.0435 0x106c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:13:34.0446 0x106c  sffdisk - ok
21:13:34.0449 0x106c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:13:34.0459 0x106c  sffp_mmc - ok
21:13:34.0463 0x106c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:13:34.0474 0x106c  sffp_sd - ok
21:13:34.0477 0x106c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:13:34.0486 0x106c  sfloppy - ok
21:13:34.0496 0x106c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:13:34.0526 0x106c  SharedAccess - ok
21:13:34.0537 0x106c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:13:34.0566 0x106c  ShellHWDetection - ok
21:13:34.0571 0x106c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:13:34.0579 0x106c  SiSRaid2 - ok
21:13:34.0584 0x106c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:13:34.0593 0x106c  SiSRaid4 - ok
21:13:34.0599 0x106c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:13:34.0623 0x106c  Smb - ok
21:13:34.0631 0x106c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:13:34.0641 0x106c  SNMPTRAP - ok
21:13:34.0645 0x106c  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\syswow64\speedfan.sys
21:13:34.0655 0x106c  speedfan - ok
21:13:34.0659 0x106c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:13:34.0666 0x106c  spldr - ok
21:13:34.0681 0x106c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
21:13:34.0699 0x106c  Spooler - ok
21:13:34.0766 0x106c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:13:34.0852 0x106c  sppsvc - ok
21:13:34.0864 0x106c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:13:34.0890 0x106c  sppuinotify - ok
21:13:34.0904 0x106c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:13:34.0920 0x106c  srv - ok
21:13:34.0932 0x106c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:13:34.0947 0x106c  srv2 - ok
21:13:34.0955 0x106c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:13:34.0967 0x106c  srvnet - ok
21:13:34.0973 0x106c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:13:35.0001 0x106c  SSDPSRV - ok
21:13:35.0006 0x106c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:13:35.0031 0x106c  SstpSvc - ok
21:13:35.0035 0x106c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:13:35.0043 0x106c  stexstor - ok
21:13:35.0058 0x106c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:13:35.0080 0x106c  stisvc - ok
21:13:35.0086 0x106c  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:13:35.0094 0x106c  storflt - ok
21:13:35.0098 0x106c  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
21:13:35.0107 0x106c  StorSvc - ok
21:13:35.0112 0x106c  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:13:35.0120 0x106c  storvsc - ok
21:13:35.0124 0x106c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:13:35.0132 0x106c  swenum - ok
21:13:35.0145 0x106c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:13:35.0178 0x106c  swprv - ok
21:13:35.0214 0x106c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
21:13:35.0259 0x106c  SysMain - ok
21:13:35.0267 0x106c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:13:35.0281 0x106c  TabletInputService - ok
21:13:35.0291 0x106c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:13:35.0319 0x106c  TapiSrv - ok
21:13:35.0324 0x106c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
21:13:35.0349 0x106c  TBS - ok
21:13:35.0390 0x106c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:13:35.0431 0x106c  Tcpip - ok
21:13:35.0475 0x106c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:13:35.0516 0x106c  TCPIP6 - ok
21:13:35.0525 0x106c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:13:35.0534 0x106c  tcpipreg - ok
21:13:35.0539 0x106c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:13:35.0548 0x106c  TDPIPE - ok
21:13:35.0552 0x106c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:13:35.0560 0x106c  TDTCP - ok
21:13:35.0566 0x106c  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:13:35.0590 0x106c  tdx - ok
21:13:35.0677 0x106c  [ 4ACFC5853A3F0C6C2F54E537C23EE90F, 47D81F471A250696A1A0D19294FC553EB88D813612A8351C89F65D7BF99C8532 ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
21:13:35.0769 0x106c  TeamViewer9 - ok
21:13:35.0781 0x106c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:13:35.0789 0x106c  TermDD - ok
21:13:35.0805 0x106c  [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService     C:\Windows\System32\termsrv.dll
21:13:35.0826 0x106c  TermService - ok
21:13:35.0831 0x106c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:13:35.0844 0x106c  Themes - ok
21:13:35.0849 0x106c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:13:35.0874 0x106c  THREADORDER - ok
21:13:35.0881 0x106c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:13:35.0907 0x106c  TrkWks - ok
21:13:35.0914 0x106c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:13:35.0940 0x106c  TrustedInstaller - ok
21:13:35.0946 0x106c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:13:35.0956 0x106c  tssecsrv - ok
21:13:35.0960 0x106c  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:13:35.0970 0x106c  TsUsbFlt - ok
21:13:35.0975 0x106c  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:13:35.0985 0x106c  TsUsbGD - ok
21:13:36.0031 0x106c  [ CDAD7034AF9562835F29FB50A5F54832, CEBEAAF387A6B6A7CE20839E29988F47A7CD381BEDD8B127ECD5E0548BCC68FA ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
21:13:36.0075 0x106c  TuneUp.UtilitiesSvc - ok
21:13:36.0081 0x106c  [ 45427C4B8CAC6B241478F149B935CD80, 7F772D6D00D1ADD394F5907804661C75780EE9F8DF21EF0719D3E4ABA00092B7 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys
21:13:36.0089 0x106c  TuneUpUtilitiesDrv - ok
21:13:36.0095 0x106c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:13:36.0120 0x106c  tunnel - ok
21:13:36.0125 0x106c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:13:36.0133 0x106c  uagp35 - ok
21:13:36.0143 0x106c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:13:36.0171 0x106c  udfs - ok
21:13:36.0179 0x106c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:13:36.0189 0x106c  UI0Detect - ok
21:13:36.0194 0x106c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:13:36.0202 0x106c  uliagpkx - ok
21:13:36.0207 0x106c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:13:36.0216 0x106c  umbus - ok
21:13:36.0220 0x106c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
21:13:36.0229 0x106c  UmPass - ok
21:13:36.0236 0x106c  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:13:36.0249 0x106c  UmRdpService - ok
21:13:36.0259 0x106c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:13:36.0289 0x106c  upnphost - ok
21:13:36.0296 0x106c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:13:36.0307 0x106c  usbccgp - ok
21:13:36.0312 0x106c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:13:36.0322 0x106c  usbcir - ok
21:13:36.0327 0x106c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:13:36.0336 0x106c  usbehci - ok
21:13:36.0341 0x106c  [ 5A4AC5D05A7C97C68596416C05D6F2B4, 1CDE5172B763D2D65379B9F3ABACC080AF676DB9354EC98A455E620C4CE3E18A ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
21:13:36.0349 0x106c  usbfilter - ok
21:13:36.0359 0x106c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:13:36.0374 0x106c  usbhub - ok
21:13:36.0378 0x106c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
21:13:36.0386 0x106c  usbohci - ok
21:13:36.0392 0x106c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
21:13:36.0403 0x106c  usbprint - ok
21:13:36.0408 0x106c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:13:36.0418 0x106c  USBSTOR - ok
21:13:36.0422 0x106c  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:13:36.0431 0x106c  usbuhci - ok
21:13:36.0435 0x106c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:13:36.0460 0x106c  UxSms - ok
21:13:36.0466 0x106c  [ F136966EB7D751075AE020D85F718F59, 8DFF4F8584F1AC5A9D9E5D6D4986657916E9C51B1809A22D155FB7208039EC90 ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
21:13:36.0474 0x106c  UxTuneUp - ok
21:13:36.0478 0x106c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
21:13:36.0487 0x106c  VaultSvc - ok
21:13:36.0491 0x106c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:13:36.0499 0x106c  vdrvroot - ok
21:13:36.0512 0x106c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
21:13:36.0545 0x106c  vds - ok
21:13:36.0550 0x106c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:13:36.0560 0x106c  vga - ok
21:13:36.0565 0x106c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:13:36.0588 0x106c  VgaSave - ok
21:13:36.0595 0x106c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:13:36.0606 0x106c  vhdmp - ok
21:13:36.0611 0x106c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:13:36.0619 0x106c  viaide - ok
21:13:36.0624 0x106c  [ 549CD7035F5CF5CEE4DE11539C9715F4, 6FED4D5161420890A92C3B811B4CBD18A1A106D5F5E674166E538E65A1C68E04 ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
21:13:36.0632 0x106c  VMAuthdService - ok
21:13:36.0639 0x106c  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:13:36.0650 0x106c  vmbus - ok
21:13:36.0654 0x106c  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:13:36.0662 0x106c  VMBusHID - ok
21:13:36.0668 0x106c  [ BE8E5E5D53ACF71D4E8E686B68C99B04, 4F30A360095FCB2627068FA6A65A951688058E8FDDF5CE895E2AE39500A413B1 ] vmci            C:\Windows\system32\DRIVERS\vmci.sys
21:13:36.0676 0x106c  vmci - ok
21:13:36.0681 0x106c  [ CCB2A61113D093B9B5CCCF1D60D65E7A, 4459DD26ACF1B7675016B16BA02814E2A35FE862DEDA31AC7110CE2C2E3947AA ] vmkbd           C:\Windows\system32\drivers\VMkbd.sys
21:13:36.0688 0x106c  vmkbd - ok
21:13:36.0692 0x106c  [ 18AA5F4A3B1204AD00045EE5AD39BCDB, 0211A8E94F169A2A52CD39CD580293907EBE104E52038DC36B988DE1CA7F2392 ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
21:13:36.0700 0x106c  VMnetAdapter - ok
21:13:36.0705 0x106c  [ 04CD4347CD9E8C40F78AD51F7FF426D0, BCA3E593E118BCA30142B23CD1CBE6905442D31C3DEB4C71B06D721E601F7BD8 ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys
21:13:36.0713 0x106c  VMnetBridge - ok
21:13:36.0716 0x106c  VMnetDHCP - ok
21:13:36.0721 0x106c  [ 668C12E04D5AB4981864B12494AF907F, 20D94E5E060EB04558B39B33A81C989D7F9DB52C7378FECF9D430F1DC385E4E0 ] VMnetuserif     C:\Windows\system32\drivers\vmnetuserif.sys
21:13:36.0728 0x106c  VMnetuserif - ok
21:13:36.0733 0x106c  [ F347A28F63162FF82BDDAADC14935BA4, 44C11B483CCA161E7097ED74C819464FE99C1E6AA9B1AB6A637BACDA6EF48519 ] vmusb           C:\Windows\system32\DRIVERS\vmusb.sys
21:13:36.0741 0x106c  vmusb - ok
21:13:36.0762 0x106c  [ 093B967896BA9EF2ADFCD75E185B9DA9, 3D6F5FF56311D4B506D02F77620B80EDB54E6E560BDF53AC9F3CDBB037D0ACA0 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
21:13:36.0785 0x106c  VMUSBArbService - ok
21:13:36.0792 0x106c  VMware NAT Service - ok
21:13:36.0798 0x106c  [ EBAC38A198308359FD89C10704265E5E, 7C234FE34D6A65D754F8B2EA0458365997CF97B88779B01551E5227910943224 ] vmx86           C:\Windows\system32\drivers\vmx86.sys
21:13:36.0806 0x106c  vmx86 - ok
21:13:36.0810 0x106c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:13:36.0819 0x106c  volmgr - ok
21:13:36.0828 0x106c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:13:36.0842 0x106c  volmgrx - ok
21:13:36.0851 0x106c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:13:36.0865 0x106c  volsnap - ok
21:13:36.0873 0x106c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:13:36.0883 0x106c  vsmraid - ok
21:13:36.0889 0x106c  [ CB4D2E3C5E8BFA3CF6AFFF6DDC6CC70D, 32A891045AF36FEAC62373894B98ABDCEA437978BDE027169C22EBC2C72D586E ] vsock           C:\Windows\system32\drivers\vsock.sys
21:13:36.0897 0x106c  vsock - ok
21:13:36.0930 0x106c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
21:13:36.0982 0x106c  VSS - ok
21:13:36.0991 0x106c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:13:37.0001 0x106c  vwifibus - ok
21:13:37.0005 0x106c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:13:37.0017 0x106c  vwififlt - ok
21:13:37.0021 0x106c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
21:13:37.0033 0x106c  vwifimp - ok
21:13:37.0045 0x106c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:13:37.0075 0x106c  W32Time - ok
21:13:37.0081 0x106c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:13:37.0091 0x106c  WacomPen - ok
21:13:37.0096 0x106c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:13:37.0119 0x106c  WANARP - ok
21:13:37.0124 0x106c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:13:37.0147 0x106c  Wanarpv6 - ok
21:13:37.0180 0x106c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:13:37.0216 0x106c  wbengine - ok
21:13:37.0226 0x106c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:13:37.0242 0x106c  WbioSrvc - ok
21:13:37.0253 0x106c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:13:37.0273 0x106c  wcncsvc - ok
21:13:37.0277 0x106c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:13:37.0287 0x106c  WcsPlugInService - ok
21:13:37.0291 0x106c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
21:13:37.0299 0x106c  Wd - ok
21:13:37.0317 0x106c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:13:37.0340 0x106c  Wdf01000 - ok
21:13:37.0346 0x106c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:13:37.0360 0x106c  WdiServiceHost - ok
21:13:37.0365 0x106c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:13:37.0379 0x106c  WdiSystemHost - ok
21:13:37.0388 0x106c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
21:13:37.0402 0x106c  WebClient - ok
21:13:37.0410 0x106c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:13:37.0439 0x106c  Wecsvc - ok
21:13:37.0444 0x106c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:13:37.0470 0x106c  wercplsupport - ok
21:13:37.0475 0x106c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:13:37.0501 0x106c  WerSvc - ok
21:13:37.0505 0x106c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:13:37.0528 0x106c  WfpLwf - ok
21:13:37.0532 0x106c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:13:37.0540 0x106c  WIMMount - ok
21:13:37.0543 0x106c  WinDefend - ok
21:13:37.0551 0x106c  WinHttpAutoProxySvc - ok
21:13:37.0563 0x106c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:13:37.0591 0x106c  Winmgmt - ok
21:13:37.0630 0x106c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
21:13:37.0690 0x106c  WinRM - ok
21:13:37.0702 0x106c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:13:37.0713 0x106c  WinUsb - ok
21:13:37.0732 0x106c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:13:37.0760 0x106c  Wlansvc - ok
21:13:37.0808 0x106c  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:13:37.0857 0x106c  wlidsvc - ok
21:13:37.0866 0x106c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:13:37.0880 0x106c  WmiAcpi - ok
21:13:37.0890 0x106c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:13:37.0903 0x106c  wmiApSrv - ok
21:13:37.0906 0x106c  WMPNetworkSvc - ok
21:13:37.0911 0x106c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:13:37.0921 0x106c  WPCSvc - ok
21:13:37.0926 0x106c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:13:37.0939 0x106c  WPDBusEnum - ok
21:13:37.0944 0x106c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:13:37.0967 0x106c  ws2ifsl - ok
21:13:37.0972 0x106c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
21:13:37.0986 0x106c  wscsvc - ok
21:13:37.0990 0x106c  WSearch - ok
21:13:38.0044 0x106c  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:13:38.0099 0x106c  wuauserv - ok
21:13:38.0108 0x106c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:13:38.0118 0x106c  WudfPf - ok
21:13:38.0126 0x106c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:13:38.0137 0x106c  WUDFRd - ok
21:13:38.0144 0x106c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:13:38.0154 0x106c  wudfsvc - ok
21:13:38.0163 0x106c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:13:38.0177 0x106c  WwanSvc - ok
21:13:38.0193 0x106c  ================ Scan global ===============================
21:13:38.0196 0x106c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:13:38.0203 0x106c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:13:38.0214 0x106c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:13:38.0221 0x106c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:13:38.0230 0x106c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
21:13:38.0236 0x106c  [ Global ] - ok
21:13:38.0236 0x106c  ================ Scan MBR ==================================
21:13:38.0239 0x106c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:13:38.0447 0x106c  \Device\Harddisk0\DR0 - ok
21:13:38.0450 0x106c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
21:13:38.0464 0x106c  \Device\Harddisk1\DR1 - ok
21:13:38.0464 0x106c  ================ Scan VBR ==================================
21:13:38.0466 0x106c  [ 13FA4CBBD8674AF552A512C8E4292E90 ] \Device\Harddisk0\DR0\Partition1
21:13:38.0467 0x106c  \Device\Harddisk0\DR0\Partition1 - ok
21:13:38.0470 0x106c  [ 3CB0BE21EBCC9C19A09A936DC6C4D18B ] \Device\Harddisk0\DR0\Partition2
21:13:38.0471 0x106c  \Device\Harddisk0\DR0\Partition2 - ok
21:13:38.0474 0x106c  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
21:13:38.0474 0x106c  \Device\Harddisk1\DR1\Partition1 - ok
21:13:38.0478 0x106c  [ 4AE35993D34EBC3C3218DD7D072B30DB ] \Device\Harddisk1\DR1\Partition2
21:13:38.0480 0x106c  \Device\Harddisk1\DR1\Partition2 - ok
21:13:38.0480 0x106c  ================ Scan generic autorun ======================
21:13:38.0731 0x106c  [ 66EB84DA5F31FDA757336444B8D1E3B2, FECAB747B321AD6ED2336C1FB2E756C39883275ED54A559CF7B6989DEA4DD7EB ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:13:38.0973 0x106c  RTHDVCPL - ok
21:13:38.0994 0x106c  [ 4420BBAC770EB87AB74E4B9146E18924, 6DB78DB9FD72F1E8C7651D2B3FF090CB4A8C90BA0D11F69D533960CE67170CFC ] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
21:13:39.0003 0x106c  BLEServicesCtrl - ok
21:13:39.0005 0x106c  BTMTrayAgent - ok
21:13:39.0031 0x106c  [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] C:\Program Files\Microsoft Security Client\msseces.exe
21:13:39.0064 0x106c  MSC - ok
21:13:39.0070 0x106c  [ 053C93D5967E08748DBA0E132EAEC0B3, B48A00B00DFDFCF6911911B34788CD359BF90AB66F4A2A3FE177B75EB775C2C2 ] C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
21:13:39.0074 0x106c  NUSB3MON - detected UnsignedFile.Multi.Generic ( 1 )
21:13:41.0885 0x106c  Detect skipped due to KSN trusted
21:13:41.0885 0x106c  NUSB3MON - ok
21:13:41.0894 0x106c  [ 9C99AF6C0C4892A83066FFA04265F95C, 18E94B8322960C56A7D0BEDF77D026F0318904ECC230B6121E97E6993B999B4F ] C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
21:13:41.0906 0x106c  StatusAlerts - ok
21:13:41.0917 0x106c  [ 1606A7B4DA56B3BA369FC612F45A3362, A50B1FADEA3DB60E8D5F18390FD34D8F95D3F0C2C4F78F3791177FCD9CFB21F0 ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe
21:13:41.0927 0x106c  FreePDF Assistant - detected UnsignedFile.Multi.Generic ( 1 )
21:13:44.0634 0x106c  Detect skipped due to KSN trusted
21:13:44.0634 0x106c  FreePDF Assistant - ok
21:13:44.0645 0x106c  [ 6EF8ECD06B52726A16CB8CE20338B5D9, 44CA0958E024F5A0AD4AF999AB24221F302D3BB37AC58D406E32C87FC6192CF9 ] C:\Program Files (x86)\PDF24\pdf24.exe
21:13:44.0658 0x106c  PDFPrint - ok
21:13:44.0675 0x106c  [ 93E5D5B31267DB04C61A15D846BB3787, A73D7DA17C8B58E43E2C81B301D0BBD7973CA2EA85BCF513B8947628E05CA4D4 ] C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe
21:13:44.0691 0x106c  ScreenSplitter - detected UnsignedFile.Multi.Generic ( 1 )
21:13:47.0499 0x106c  Detect skipped due to KSN trusted
21:13:47.0499 0x106c  ScreenSplitter - ok
21:13:47.0514 0x106c  [ D5D021AEFA851CD0E8948EA4974EF88C, 596C02AFAB31F44A52E8F3BEEC869557C5DB3CDFB2A559721F25614EFE768D53 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
21:13:47.0532 0x106c  GarminExpressTrayApp - ok
21:13:47.0544 0x106c  [ 549A6319EAF040D8B8ECFF8ADF9F36D0, CE020A2C761C7D71BAE183AAF3A251909A06C31E518872A9682A8994F4D475B2 ] C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
21:13:47.0559 0x106c  AppEx Accelerator UI - ok
21:13:47.0593 0x106c  [ B91D5F7C0119DC4EE67684F52631D3E4, 4BFD7A433AB65F77426D21A8F3B38AE0BAF5DDDD952FF2EF3E0E64E8F5D0B30D ] C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe
21:13:47.0629 0x106c  AEM - ok
21:13:47.0648 0x106c  [ B53D59915A356B06C1D7DE5B22B4177C, 98E7DF7D9695E0CB18B2C1B39473E147C6C943828950CB9EBAD71C82241FDBD7 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
21:13:47.0669 0x106c  GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26 - ok
21:13:47.0718 0x106c  [ D6B3AF9E3CE610B69AB1D38262DAE833, CBE366A5459A651537466B9F5017AB87FA8AD5B28F4FADE3FA66B4D97950B5D7 ] C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
21:13:47.0771 0x106c  Plex Media Server - ok
21:13:47.0775 0x106c  Waiting for KSN requests completion. In queue: 7
21:13:48.0775 0x106c  Waiting for KSN requests completion. In queue: 7
21:13:49.0775 0x106c  Waiting for KSN requests completion. In queue: 7
21:13:50.0782 0x106c  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
21:13:50.0785 0x106c  Win FW state via NFP2: enabled
21:13:53.0490 0x106c  ============================================================
21:13:53.0490 0x106c  Scan finished
21:13:53.0490 0x106c  ============================================================
21:13:53.0499 0x11fc  Detected object count: 0
21:13:53.0499 0x11fc  Actual detected object count: 0
         

Alt 19.10.2014, 00:17   #13
krampf
 
Unbekannter Upload - Standard

Unbekannter Upload



Code:
ATTFilter
MABR

Nichts gefunden.
         
Code:
ATTFilter
ComboFix 14-10-15.01 - Sebastian 18.10.2014  21:59:03.3.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.7368.5164 [GMT 2:00]
ausgeführt von:: c:\users\Sebastian\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-09-18 bis 2014-10-18  ))))))))))))))))))))))))))))))
.
.
2014-10-18 20:02 . 2014-10-18 20:02	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-10-18 09:21 . 2014-10-18 19:57	--------	d-----w-	c:\programdata\boost_interprocess
2014-10-18 09:21 . 2014-10-18 09:21	--------	d-----w-	c:\users\Sebastian\AppData\Local\Plex Media Server
2014-10-18 09:21 . 2014-10-18 09:21	--------	d-----w-	c:\users\Sebastian\AppData\Roaming\Apple Computer
2014-10-18 09:21 . 2014-10-18 09:21	--------	d-----w-	c:\users\Sebastian\AppData\Local\Apple Computer
2014-10-18 09:19 . 2014-10-18 09:19	--------	d-----w-	c:\program files (x86)\Plex
2014-10-18 09:16 . 2014-10-18 09:16	--------	d-----w-	c:\programdata\Apple
2014-10-18 09:16 . 2014-10-18 09:16	--------	d-----w-	c:\program files\Bonjour
2014-10-18 09:16 . 2014-10-18 09:16	--------	d-----w-	c:\program files (x86)\Bonjour
2014-10-18 08:31 . 2014-09-09 02:05	11578928	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B7DEE43F-2742-449B-BFB9-3A1C9FD5D287}\mpengine.dll
2014-10-16 21:32 . 2014-10-16 21:32	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2014-10-16 21:32 . 2014-10-16 21:32	--------	d-----r-	c:\program files (x86)\Skype
2014-10-16 18:06 . 2014-09-09 02:05	11578928	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-10-16 17:55 . 2014-10-16 17:55	--------	d-----w-	c:\program files (x86)\ESET
2014-10-15 15:14 . 2014-09-18 02:00	3241472	----a-w-	c:\windows\system32\msi.dll
2014-10-14 07:42 . 2014-05-08 09:32	16384	----a-w-	c:\windows\system32\RdpGroupPolicyExtension.dll
2014-10-13 18:27 . 2012-09-28 00:11	559616	----a-w-	c:\windows\system32\Spool\prtprocs\x64\hpcpp140.DLL
2014-10-13 18:27 . 2012-09-28 00:11	407552	----a-w-	c:\windows\system32\hpcpn140.dll
2014-10-13 18:27 . 2012-09-28 00:05	408576	----a-w-	c:\windows\SysWow64\hpcc3140.DLL
2014-10-13 18:26 . 2012-08-30 17:52	512512	----a-w-	c:\windows\SysWow64\hpcdmc32.DLL
2014-10-13 12:08 . 2014-10-13 12:08	--------	d-----w-	c:\programdata\CloudBerry Explorer for Amazon S3
2014-10-13 12:02 . 2014-10-13 12:02	--------	d-----w-	c:\windows\ERUNT
2014-10-13 11:56 . 2014-10-13 11:58	--------	d-----w-	C:\AdwCleaner
2014-10-02 11:02 . 2014-10-18 19:28	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-10-02 09:36 . 2014-10-18 19:07	--------	d-----w-	C:\FRST
2014-10-01 15:05 . 2014-09-17 20:44	1188440	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{537E62AD-1FB1-4164-8ABC-E46BFAAA6426}\gapaengine.dll
2014-09-30 17:25 . 2014-09-25 02:08	371712	----a-w-	c:\windows\system32\qdvd.dll
2014-09-30 17:25 . 2014-09-25 01:40	519680	----a-w-	c:\windows\SysWow64\qdvd.dll
2014-09-28 11:58 . 2014-09-28 11:59	--------	d-----w-	c:\users\Sebastian\AppData\Roaming\TrafficMonitor
2014-09-28 11:58 . 2014-09-28 11:58	--------	d-----w-	c:\programdata\TrafficMonitor
2014-09-24 06:44 . 2014-09-09 22:11	2048	----a-w-	c:\windows\system32\tzres.dll
2014-09-24 06:44 . 2014-09-09 21:47	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2014-09-22 16:47 . 2014-09-22 16:47	--------	d-----w-	c:\programdata\Licenses
2014-09-22 16:44 . 2014-09-22 16:44	--------	d-----w-	c:\programdata\Simply Super Software
2014-09-22 13:04 . 2014-10-18 19:21	128728	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-09-22 13:03 . 2014-10-18 19:19	92888	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-09-22 13:03 . 2014-10-08 18:30	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2014-09-22 13:03 . 2014-09-22 13:03	--------	d-----w-	c:\programdata\Malwarebytes
2014-09-22 13:03 . 2014-05-12 05:26	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-09-22 13:03 . 2014-05-12 05:25	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-18 19:56 . 2014-07-20 14:22	65536	----a-w-	c:\windows\system32\spu_storage.bin
2014-10-16 01:00 . 2014-02-07 00:14	103265616	----a-w-	c:\windows\system32\MRT.exe
2014-10-06 16:03 . 2014-02-07 00:23	25640	----a-w-	c:\windows\gdrv.sys
2014-10-06 15:26 . 2014-02-12 19:34	30528	----a-w-	c:\windows\GVTDrv64.sys
2014-10-06 15:26 . 2014-02-12 19:34	25640	----a-w-	c:\windows\etdrv.sys
2014-09-25 17:04 . 2014-06-13 18:04	590536	----a-w-	c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-09-24 14:42 . 2014-04-29 15:58	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-24 14:42 . 2014-04-29 15:58	701104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-22 06:42 . 2010-11-21 03:27	278152	------w-	c:\windows\system32\MpSigStub.exe
2014-09-17 20:44 . 2014-02-27 19:21	1188440	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-08-23 02:07 . 2014-08-28 07:24	404480	----a-w-	c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 07:24	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
2014-08-12 16:49 . 2014-08-12 16:49	127872	----a-w-	c:\windows\system32\amdhcp64.dll
2014-08-12 16:49 . 2014-08-12 16:49	117560	----a-w-	c:\windows\SysWow64\amdhcp32.dll
2014-08-12 16:49 . 2014-08-12 16:49	78432	----a-w-	c:\windows\system32\atimpc64.dll
2014-08-12 16:49 . 2014-08-12 16:49	78432	----a-w-	c:\windows\system32\amdpcom64.dll
2014-08-12 16:49 . 2014-08-12 16:49	71704	----a-w-	c:\windows\SysWow64\atimpc32.dll
2014-08-12 16:49 . 2014-08-12 16:49	71704	----a-w-	c:\windows\SysWow64\amdpcom32.dll
2014-08-12 16:49 . 2014-08-12 16:49	143304	----a-w-	c:\windows\system32\atiuxp64.dll
2014-08-12 16:49 . 2013-12-06 22:03	126336	----a-w-	c:\windows\SysWow64\atiuxpag.dll
2014-08-12 16:48 . 2014-04-18 02:42	99520	----a-w-	c:\windows\SysWow64\atiu9pag.dll
2014-08-12 16:48 . 2014-02-07 16:31	117584	----a-w-	c:\windows\system32\atiu9p64.dll
2014-08-12 16:48 . 2014-02-07 16:31	1331424	----a-w-	c:\windows\system32\aticfx64.dll
2014-08-12 16:48 . 2014-02-07 16:31	1110992	----a-w-	c:\windows\SysWow64\aticfx32.dll
2014-08-12 16:47 . 2014-08-12 16:47	10527312	----a-w-	c:\windows\system32\atidxx64.dll
2014-08-12 16:47 . 2013-12-06 21:59	9023464	----a-w-	c:\windows\SysWow64\atidxx32.dll
2014-08-12 16:47 . 2014-04-18 02:42	7102496	----a-w-	c:\windows\SysWow64\atiumdva.dll
2014-08-12 16:47 . 2014-04-18 02:42	6879016	----a-w-	c:\windows\SysWow64\atiumdag.dll
2014-08-12 16:47 . 2014-02-07 16:31	7892000	----a-w-	c:\windows\system32\atiumd6a.dll
2014-08-12 16:47 . 2014-02-07 16:31	8108312	----a-w-	c:\windows\system32\atiumd64.dll
2014-08-12 15:56 . 2014-08-12 15:56	276192	----a-w-	c:\windows\system32\drivers\amdacpksd.sys
2014-08-12 15:20 . 2014-08-12 15:20	15965184	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2014-08-12 15:07 . 2014-08-12 15:07	231424	----a-w-	c:\windows\system32\clinfo.exe
2014-08-12 15:06 . 2014-08-12 15:06	98816	----a-w-	c:\windows\system32\OpenVideo64.dll
2014-08-12 15:06 . 2014-08-12 15:06	83456	----a-w-	c:\windows\SysWow64\OpenVideo.dll
2014-08-12 15:06 . 2014-08-12 15:06	86528	----a-w-	c:\windows\system32\OVDecode64.dll
2014-08-12 15:06 . 2014-08-12 15:06	73216	----a-w-	c:\windows\SysWow64\OVDecode.dll
2014-08-12 15:06 . 2014-08-12 15:06	32876544	----a-w-	c:\windows\system32\amdocl64.dll
2014-08-12 15:03 . 2014-08-12 15:03	27843072	----a-w-	c:\windows\SysWow64\amdocl.dll
2014-08-12 15:00 . 2014-08-12 15:00	65024	----a-w-	c:\windows\system32\OpenCL.dll
2014-08-12 15:00 . 2014-08-12 15:00	58880	----a-w-	c:\windows\SysWow64\OpenCL.dll
2014-08-12 14:49 . 2014-08-12 14:49	127488	----a-w-	c:\windows\system32\mantle64.dll
2014-08-12 14:49 . 2014-08-12 14:49	113664	----a-w-	c:\windows\SysWow64\mantle32.dll
2014-08-12 14:48 . 2014-08-12 14:48	5225472	----a-w-	c:\windows\system32\amdmantle64.dll
2014-08-12 14:41 . 2014-08-12 14:41	27528704	----a-w-	c:\windows\system32\atio6axx.dll
2014-08-12 14:32 . 2014-08-12 14:32	4180992	----a-w-	c:\windows\SysWow64\amdmantle32.dll
2014-08-12 14:21 . 2014-08-12 14:21	23027712	----a-w-	c:\windows\SysWow64\atioglxx.dll
2014-08-12 14:16 . 2014-08-12 14:16	91648	----a-w-	c:\windows\system32\mantleaxl64.dll
2014-08-12 14:16 . 2014-08-12 14:16	366592	----a-w-	c:\windows\system32\atiapfxx.exe
2014-08-12 14:16 . 2014-08-12 14:16	85504	----a-w-	c:\windows\SysWow64\mantleaxl32.dll
2014-08-12 14:16 . 2014-08-12 14:16	62464	----a-w-	c:\windows\system32\aticalrt64.dll
2014-08-12 14:16 . 2014-08-12 14:16	52224	----a-w-	c:\windows\SysWow64\aticalrt.dll
2014-08-12 14:16 . 2014-08-12 14:16	55808	----a-w-	c:\windows\system32\aticalcl64.dll
2014-08-12 14:16 . 2014-08-12 14:16	49152	----a-w-	c:\windows\SysWow64\aticalcl.dll
2014-08-12 14:16 . 2014-08-12 14:16	15716352	----a-w-	c:\windows\system32\aticaldd64.dll
2014-08-12 14:13 . 2014-08-12 14:13	14302208	----a-w-	c:\windows\SysWow64\aticaldd.dll
2014-08-12 14:00 . 2014-08-12 14:00	48128	----a-w-	c:\windows\system32\amdmmcl6.dll
2014-08-12 14:00 . 2014-08-12 14:00	442368	----a-w-	c:\windows\system32\atidemgy.dll
2014-08-12 14:00 . 2014-08-12 14:00	37888	----a-w-	c:\windows\SysWow64\amdmmcl.dll
2014-08-12 13:59 . 2014-08-12 13:59	31232	----a-w-	c:\windows\system32\atimuixx.dll
2014-08-12 13:59 . 2014-08-12 13:59	588800	----a-w-	c:\windows\system32\atieclxx.exe
2014-08-12 13:59 . 2014-08-12 13:59	239616	----a-w-	c:\windows\system32\atiesrxx.exe
2014-08-12 13:58 . 2014-08-12 13:58	190976	----a-w-	c:\windows\system32\atitmm64.dll
2014-08-12 13:43 . 2014-08-12 13:43	826368	----a-w-	c:\windows\system32\coinst_14.20.dll
2014-08-12 13:35 . 2014-08-12 13:35	95744	----a-w-	c:\windows\system32\amdave64.dll
2014-08-12 13:35 . 2014-08-12 13:35	90112	----a-w-	c:\windows\SysWow64\amdave32.dll
2014-08-12 13:34 . 2014-08-12 13:34	89088	----a-w-	c:\windows\system32\atisamu64.dll
2014-08-12 13:34 . 2014-08-12 13:34	80896	----a-w-	c:\windows\SysWow64\atisamu32.dll
2014-08-12 13:34 . 2014-08-12 13:34	1207296	----a-w-	c:\windows\system32\atiadlxx.dll
2014-08-12 13:34 . 2013-12-06 20:22	898560	----a-w-	c:\windows\SysWow64\atiadlxy.dll
2014-08-12 13:34 . 2014-08-12 13:34	75264	----a-w-	c:\windows\system32\atig6pxx.dll
2014-08-12 13:34 . 2014-08-12 13:34	69632	----a-w-	c:\windows\SysWow64\atiglpxx.dll
2014-08-12 13:34 . 2014-08-12 13:34	69632	----a-w-	c:\windows\system32\atiglpxx.dll
2014-08-12 13:34 . 2014-08-12 13:34	146944	----a-w-	c:\windows\system32\atig6txx.dll
2014-08-12 13:33 . 2014-08-12 13:33	133632	----a-w-	c:\windows\SysWow64\atigktxx.dll
2014-08-12 13:33 . 2014-08-12 13:33	557568	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2014-08-12 13:28 . 2014-08-12 13:28	43520	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2014-08-12 09:17 . 2014-08-12 09:17	51200	----a-w-	c:\windows\system32\kdbsdk64.dll
2014-08-12 09:12 . 2014-08-12 09:12	38912	----a-w-	c:\windows\SysWow64\kdbsdk32.dll
2014-08-01 11:53 . 2014-09-09 19:42	1031168	----a-w-	c:\windows\system32\TSWorkspace.dll
2014-08-01 11:35 . 2014-09-09 19:42	793600	----a-w-	c:\windows\SysWow64\TSWorkspace.dll
2014-07-30 20:45 . 2014-07-30 20:45	262096	----a-w-	c:\windows\system32\gcp_portmon64.dll
2014-07-25 10:55 . 2014-05-15 10:50	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-25 00:35 . 2014-07-25 00:35	875688	----a-w-	c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47	869544	----a-w-	c:\windows\system32\msvcr120_clr0400.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-07-03 19:38	223432	----a-w-	c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-07-03 19:38	223432	----a-w-	c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-07-03 19:38	223432	----a-w-	c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ScreenSplitter"="c:\program files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe" [2013-07-24 695296]
"GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2014-08-07 688984]
"AppEx Accelerator UI"="c:\program files\AMD Quick Stream\AMDQuickStream.exe" [2014-03-31 482528]
"AEM"="c:\program files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe" [2014-07-16 1721128]
"GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-10-10 854344]
"Plex Media Server"="c:\program files (x86)\Plex\Plex Media Server\Plex Media Server.exe" [2011-11-26 2699344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StatusAlerts"="c:\program files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" [2012-07-18 313248]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2014-01-09 374784]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2014-06-04 191528]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-08-12 767200]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-09-23 165168]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2014-08-07 688984]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x]
R3 cpuz136;cpuz136;c:\users\SEBAST~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys;c:\users\SEBAST~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;c:\windows\system32\DRIVERS\evolve.sys;c:\windows\SYSNATIVE\DRIVERS\evolve.sys [x]
R3 getbus;getbus;c:\users\SEBAST~1\AppData\Local\Temp\getbus.sys;c:\users\SEBAST~1\AppData\Local\Temp\getbus.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 HP DS Service;HP DS Service;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 PDF Architect 2;PDF Architect 2;c:\program files (x86)\PDF Architect 2\ws.exe;c:\program files (x86)\PDF Architect 2\ws.exe [x]
R3 pdfforge CrashHandler;pdfforge CrashHandler;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 AEM Service5;AEM Service5;c:\program files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe ;c:\program files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe  [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys;c:\program files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 APXACC;AppEx Networks Accelerator LWF;c:\windows\system32\DRIVERS\appexDrv.sys;c:\windows\SYSNATIVE\DRIVERS\appexDrv.sys [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
S2 PDF Architect 2 Creator;PDF Architect 2 Creator;c:\program files (x86)\PDF Architect 2\creator-ws.exe;c:\program files (x86)\PDF Architect 2\creator-ws.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys;c:\windows\SYSNATIVE\DRIVERS\amdhub30.sys [x]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys;c:\windows\SYSNATIVE\DRIVERS\amdxhc.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 ibtusb;Intel(R) Wireless Bluetooth(R) 4.0 + HS-Adapter;c:\windows\system32\DRIVERS\ibtusb.sys;c:\windows\SYSNATIVE\DRIVERS\ibtusb.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-15 15:16	1089352	----a-w-	c:\program files (x86)\Google\Chrome\Application\38.0.2125.104\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-10-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29 14:42]
.
2014-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-07 05:42]
.
2014-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-07 05:42]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-07-03 19:38	262344	----a-w-	c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-07-03 19:38	262344	----a-w-	c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-07-03 19:38	262344	----a-w-	c:\users\Sebastian\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-09-25 17:05	2334416	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-09-25 17:05	2334416	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-09-25 17:05	2334416	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-09-03 13651672]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-09-17 184112]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2013-05-21 7830328]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288]
"NUSB3MON"="c:\program files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe" [2012-04-11 97280]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mDefault_Search_URL = www.google.com
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3995683688-22251476-601076843-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3995683688-22251476-601076843-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-10-18  22:04:12
ComboFix-quarantined-files.txt  2014-10-18 20:04
ComboFix2.txt  2014-10-06 16:04
.
Vor Suchlauf: 19 Verzeichnis(se), 34.762.141.696 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 34.440.712.192 Bytes frei
.
- - End Of File - - 10C6CF4CAA74B24BA52FAD6C6C00DC08
A36C5E4F47E84449FF07ED3517B43A31
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 18.10.2014
Scan Time: 22:08:55
Logfile: MBAM.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.10.18.06
Rootkit Database: v2014.10.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Sebastian

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 329980
Time Elapsed: 5 min, 7 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
         
Code:
ATTFilter
# AdwCleaner v4.000 - Bericht erstellt am 18/10/2014 um 22:30:46
# Aktualisiert 12/10/2014 von Xplode
# Datenbank : 2014-10-17.9
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Sebastian - SEBASTIAN-PC
# Gestartet von : C:\Users\Sebastian\Downloads\AdwCleaner_4.000.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Google Chrome v38.0.2125.104


*************************

AdwCleaner[R0].txt - [1081 octets] - [13/10/2014 13:57:02]
AdwCleaner[R1].txt - [903 octets] - [18/10/2014 22:24:31]
AdwCleaner[R2].txt - [764 octets] - [18/10/2014 22:30:46]
AdwCleaner[S0].txt - [1339 octets] - [13/10/2014 13:58:41]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [883 octets] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.14.2014:1)
OS: Windows 7 Professional x64
Ran by Sebastian on 18.10.2014 at 22:33:32,26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\CloudBerry Explorer for Amazon S3



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.10.2014 at 22:35:37,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=db73c508ef80b64ba32d7060bb7ab9c6
# engine=20667
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-10-18 10:01:23
# local_time=2014-10-19 12:01:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 2523507 36650077 0 0
# scanned=178210
# found=0
# cleaned=0
# scan_time=2256
         
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.87  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
  (On Access scanning disabled!) 
 Error obtaining update status for antivirus!  
`````````Anti-malware/Other Utilities Check:````````` 
 TuneUp Utilities 2014   
 TuneUp Utilities 2014 (de-DE)  
 TuneUp Utilities 2014   
 Java 7 Update 67  
 Adobe Flash Player 15.0.0.152  
 Adobe Reader XI  
 Google Chrome 37.0.2062.124  
 Google Chrome 38.0.2125.104  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-10-2014 01
Ran by Sebastian (administrator) on SEBASTIAN-PC on 19-10-2014 00:06:17
Running from C:\Users\Sebastian\Downloads
Loaded Profile: Sebastian (Available profiles: Sebastian)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Namtuk.com) C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(LG Electronics) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Namtuk.com) C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TODO: <Company name>) C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64App.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\LG Electronics\Screen Split\bin\DDCCI.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
() C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Sebastian\Downloads\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [374784 2014-01-09] (shbox.de)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-04] (Geek Software GmbH)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-08-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [ScreenSplitter] => C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplit.exe [695296 2013-07-24] (LG Electronics)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [AEM] => C:\Program Files (x86)\Namtuk\Automatic Email Manager\AutoEmailManager.exe [1721128 2014-07-16] (Namtuk.com)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-10] (Google Inc.)
HKU\S-1-5-21-3995683688-22251476-601076843-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [2699344 2011-11-26] (Plex, Inc.)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCC7BE164C723CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/", "", "hxxp://www.google.com", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1403882782&from=kmp&uid=SamsungXSSDX840XEVOX120GB_S1D5NSAF133361R"
CHR DefaultSearchKeyword: Default -> google.de__
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-06-29]
CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-29]
CHR Extension: (Google-Suche) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-29]
CHR Extension: (AdBlock) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-29]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2014-06-29]
CHR Extension: (Google Wallet) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-07]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2014-06-29]
CHR Extension: (Google Mail) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-29]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AEM Service5; C:\Program Files (x86)\Namtuk\Automatic Email Manager\AEM-Service5.exe [334848 2014-07-16] (Namtuk.com) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-08-12] (Advanced Micro Devices, Inc.) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed]
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-07-31] (Hewlett-Packard) [File not signed]
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738344 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-07-31] (Hewlett-Packard) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.2.0; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation)
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-03-18] (Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1385272 2013-08-08] (Motorola Solutions, Inc.)
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-04-29] (Echobit, LLC)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-10-06] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-02-12] (REALiX(tm))
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [114632 2013-08-28] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw02.sys [3599840 2013-10-14] (Intel Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Users\SEBAST~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 getbus; \??\C:\Users\SEBAST~1\AppData\Local\Temp\getbus.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-18 23:18 - 2014-10-18 23:18 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-10-18 22:35 - 2014-10-18 22:35 - 00000712 _____ () C:\Users\Sebastian\Desktop\JRT.txt
2014-10-18 22:33 - 2014-10-14 13:43 - 01705698 _____ (Thisisu) C:\Users\Sebastian\Desktop\JRT_NEW.exe
2014-10-18 22:23 - 2014-10-18 22:23 - 01976320 _____ () C:\Users\Sebastian\Downloads\AdwCleaner_4.000 (1).exe
2014-10-18 22:04 - 2014-10-18 22:04 - 00028192 _____ () C:\ComboFix.txt
2014-10-18 21:15 - 2014-10-18 21:17 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Sebastian\Downloads\mbar-1.07.0.1012 (1).exe
2014-10-18 21:10 - 2014-10-18 21:10 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Sebastian\Downloads\tdsskiller (1).exe
2014-10-18 21:09 - 2014-10-18 21:10 - 02112000 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64 (1).exe
2014-10-18 11:21 - 2014-10-18 23:17 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-10-18 11:21 - 2014-10-18 11:21 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Apple Computer
2014-10-18 11:21 - 2014-10-18 11:21 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Plex Media Server
2014-10-18 11:21 - 2014-10-18 11:21 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Apple Computer
2014-10-18 11:20 - 2014-10-18 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-10-18 11:19 - 2014-10-18 11:19 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-10-18 11:16 - 2014-10-18 11:16 - 00000000 ____D () C:\ProgramData\Apple
2014-10-18 11:16 - 2014-10-18 11:16 - 00000000 ____D () C:\Program Files\Bonjour
2014-10-18 11:16 - 2014-10-18 11:16 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-10-18 11:11 - 2014-10-18 11:36 - 173681482 _____ () C:\Users\Sebastian\Downloads\smartshare.zip
2014-10-18 11:11 - 2014-10-18 11:12 - 52385872 _____ (Microsoft Corporation) C:\Users\Sebastian\Downloads\Plex-Media-Server-v0.9.502-en-US.exe
2014-10-16 23:32 - 2014-10-16 23:32 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-16 23:32 - 2014-10-16 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-15 19:44 - 2014-10-15 19:44 - 00854417 _____ () C:\Users\Sebastian\Downloads\SecurityCheck.exe
2014-10-15 17:57 - 2014-10-15 17:57 - 02347384 _____ (ESET) C:\Users\Sebastian\Downloads\esetsmartinstaller_deu.exe
2014-10-15 17:15 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 17:15 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 17:15 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 17:15 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 17:15 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 17:15 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 17:15 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 17:15 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 17:15 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 17:15 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 17:15 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 17:15 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 17:15 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 17:15 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 17:15 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 17:15 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 17:15 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 17:15 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 17:15 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 17:15 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 17:15 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 17:15 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 17:15 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 17:15 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 17:15 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 17:15 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 17:15 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 17:15 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 17:15 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 17:15 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 17:15 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 17:15 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 17:15 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 17:15 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 17:15 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 17:15 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 17:15 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 17:15 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 17:15 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 17:15 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 17:15 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 17:15 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 17:15 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 17:15 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 17:15 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 17:15 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 17:15 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 17:15 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 17:15 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 17:15 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 17:15 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 17:15 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 17:15 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 17:15 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 17:15 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 17:15 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 17:15 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 17:15 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 17:15 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 17:15 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 17:15 - 2014-08-19 05:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 17:15 - 2014-08-19 05:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 17:15 - 2014-08-19 05:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 17:15 - 2014-08-19 05:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 17:15 - 2014-08-19 05:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 17:15 - 2014-08-19 05:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 17:15 - 2014-08-19 05:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 17:15 - 2014-08-19 05:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 17:15 - 2014-08-19 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 17:15 - 2014-08-19 05:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 17:15 - 2014-08-19 04:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 17:15 - 2014-08-19 04:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 17:15 - 2014-08-19 04:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 17:15 - 2014-07-07 04:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 17:15 - 2014-07-07 04:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 17:15 - 2014-07-07 04:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 17:15 - 2014-07-07 04:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 17:15 - 2014-07-07 04:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 17:15 - 2014-07-07 04:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 17:15 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 17:15 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 17:15 - 2014-07-07 04:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 17:15 - 2014-07-07 04:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 17:15 - 2014-07-07 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 17:15 - 2014-07-07 03:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 17:15 - 2014-07-07 03:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 17:15 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 17:15 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 17:15 - 2014-07-07 03:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 17:15 - 2014-07-07 03:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 17:15 - 2014-07-07 03:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 17:15 - 2014-07-07 03:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 17:15 - 2014-07-07 03:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 17:15 - 2014-07-07 03:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 17:15 - 2014-06-28 02:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 17:15 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 17:15 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 17:15 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 17:15 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 17:15 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 17:15 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 17:15 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 17:15 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 17:14 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 17:14 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 17:14 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 17:14 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 17:14 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 17:14 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 17:14 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 17:14 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 17:14 - 2014-08-29 04:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 17:14 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 17:14 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 17:14 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 17:14 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 17:14 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 17:14 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 17:14 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 17:14 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 17:14 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 17:14 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 17:14 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-14 09:42 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-10-13 20:28 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-10-13 20:28 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-10-13 20:28 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-10-13 20:28 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-10-13 20:28 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-10-13 20:28 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-13 20:28 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-10-13 20:28 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-10-13 20:28 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-10-13 20:28 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-10-13 20:28 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-10-13 20:28 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-10-13 20:28 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-13 20:28 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-13 20:28 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-10-13 20:28 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-13 20:28 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-10-13 20:28 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-10-13 20:28 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-10-13 20:28 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-10-13 20:28 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-10-13 20:27 - 2012-09-28 02:11 - 00407552 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpcpn140.dll
2014-10-13 20:27 - 2012-09-28 02:05 - 00408576 _____ () C:\Windows\SysWOW64\hpcc3140.DLL
2014-10-13 20:26 - 2012-08-30 19:52 - 00512512 _____ (HP) C:\Windows\SysWOW64\hpcdmc32.DLL
2014-10-13 14:06 - 2014-10-18 21:06 - 00000000 ____D () C:\Users\Sebastian\Downloads\FRST-OlderVersion
2014-10-13 14:02 - 2014-10-13 14:02 - 00000000 ____D () C:\Windows\ERUNT
2014-10-13 14:01 - 2014-10-13 14:01 - 01705755 _____ (Thisisu) C:\Users\Sebastian\Downloads\JRT.exe
2014-10-13 13:56 - 2014-10-18 22:31 - 00000000 ____D () C:\AdwCleaner
2014-10-13 13:48 - 2014-10-13 13:48 - 01976320 _____ () C:\Users\Sebastian\Downloads\AdwCleaner_4.000.exe
2014-10-12 23:26 - 2014-10-12 23:26 - 00002775 _____ () C:\Users\Sebastian\Downloads\mailFilters.xml
2014-10-08 20:28 - 2014-10-08 20:30 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-10-06 17:58 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-10-06 17:58 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-10-06 17:58 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-10-06 17:58 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-10-06 17:54 - 2014-10-18 22:04 - 00000000 ____D () C:\Qoobox
2014-10-06 17:54 - 2014-10-06 18:04 - 00000000 ____D () C:\Windows\erdnt
2014-10-06 17:27 - 2014-10-18 21:32 - 05583559 ____R (Swearware) C:\Users\Sebastian\Downloads\ComboFix.exe
2014-10-02 13:02 - 2014-10-18 21:28 - 00000000 ____D () C:\Users\Sebastian\Desktop\mbar
2014-10-02 13:02 - 2014-10-18 21:28 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-10-02 13:00 - 2014-10-02 13:01 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Sebastian\Downloads\mbar-1.07.0.1012.exe
2014-10-02 12:58 - 2014-10-02 12:58 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Sebastian\Downloads\tdsskiller.exe
2014-10-02 12:16 - 2014-10-02 12:16 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition (2).txt
2014-10-02 12:15 - 2014-10-02 12:15 - 00046819 _____ () C:\Users\Sebastian\Downloads\FRST (2).txt
2014-10-02 11:43 - 2014-10-02 11:43 - 00046819 _____ () C:\Users\Sebastian\Downloads\FRST (1).txt
2014-10-02 11:43 - 2014-10-02 11:43 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition (1).txt
2014-10-02 11:37 - 2014-10-02 11:37 - 00043697 _____ () C:\Users\Sebastian\Downloads\Addition.txt
2014-10-02 11:36 - 2014-10-19 00:06 - 00020789 _____ () C:\Users\Sebastian\Downloads\FRST.txt
2014-10-02 11:36 - 2014-10-19 00:06 - 00000000 ____D () C:\FRST
2014-10-02 11:35 - 2014-10-18 21:06 - 02112000 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe
2014-09-30 19:25 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 19:25 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-28 13:58 - 2014-09-28 13:59 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\TrafficMonitor
2014-09-28 13:58 - 2014-09-28 13:58 - 00000000 ____D () C:\ProgramData\TrafficMonitor
2014-09-28 13:57 - 2014-09-28 13:57 - 03469477 _____ () C:\Users\Sebastian\Downloads\trafficmsw.zip
2014-09-27 22:04 - 2014-09-27 22:04 - 00540302 _____ () C:\Users\Sebastian\Downloads\SeaGiant.zip
2014-09-24 08:44 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 08:44 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 21:18 - 2014-09-23 21:22 - 18656495 _____ () C:\Users\Sebastian\Downloads\nightly (1).zip
2014-09-23 20:17 - 2014-09-23 20:17 - 00000000 ____D () C:\Users\Sebastian\Downloads\Postversand
2014-09-23 20:16 - 2014-09-23 20:16 - 01644283 _____ () C:\Users\Sebastian\Downloads\Postversand.zip
2014-09-23 20:03 - 2014-09-23 20:40 - 00036864 _____ () C:\Users\Sebastian\Downloads\Airline Mailing Address.xls
2014-09-22 20:41 - 2014-09-22 20:41 - 02324917 _____ () C:\Users\Sebastian\Downloads\crashcrawlerv8.zip
2014-09-22 18:47 - 2014-10-06 18:00 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-22 18:47 - 2014-09-22 18:47 - 00000000 ____D () C:\ProgramData\Licenses
2014-09-22 18:44 - 2014-09-22 18:44 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-09-22 18:43 - 2014-09-22 18:43 - 21407864 _____ (Simply Super Software ) C:\Users\Sebastian\Downloads\trjsetup690.exe
2014-09-22 15:04 - 2014-10-18 22:08 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-22 15:04 - 2014-09-22 15:04 - 00004698 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-22 15:04 - 2014-09-22 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-22 15:03 - 2014-10-18 21:19 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-22 15:03 - 2014-10-08 20:30 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-22 15:03 - 2014-10-08 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-22 15:03 - 2014-10-08 20:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-22 15:03 - 2014-09-22 15:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-22 15:03 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-22 15:03 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-22 14:58 - 2014-09-22 14:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sebastian\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-22 14:02 - 2014-09-22 14:02 - 18656495 _____ () C:\Users\Sebastian\Downloads\nightly.zip
2014-09-20 12:32 - 2014-09-20 12:32 - 02320830 _____ () C:\Users\Sebastian\Downloads\CrashCrawlerV6.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-18 23:42 - 2014-04-29 17:58 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-18 23:24 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-18 23:24 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-18 23:23 - 2011-04-12 09:43 - 00701996 _____ () C:\Windows\system32\perfh007.dat
2014-10-18 23:23 - 2011-04-12 09:43 - 00150662 _____ () C:\Windows\system32\perfc007.dat
2014-10-18 23:23 - 2009-07-14 07:13 - 01628294 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-18 23:20 - 2014-02-07 07:26 - 01937860 _____ () C:\Windows\WindowsUpdate.log
2014-10-18 23:17 - 2014-02-22 13:05 - 00000000 ____D () C:\ProgramData\VMware
2014-10-18 23:16 - 2014-09-13 13:50 - 00021646 _____ () C:\Windows\PFRO.log
2014-10-18 23:16 - 2014-09-12 19:28 - 00005044 _____ () C:\Windows\setupact.log
2014-10-18 23:16 - 2014-07-30 22:45 - 00007470 _____ () C:\Windows\system32\debug.log
2014-10-18 23:16 - 2014-07-20 16:22 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-10-18 23:16 - 2014-02-07 07:42 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-18 23:16 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-18 23:14 - 2014-02-07 07:42 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-18 22:02 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-10-18 21:57 - 2014-02-07 07:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-18 21:33 - 2014-02-07 01:37 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Battle.net
2014-10-18 16:46 - 2014-02-07 07:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-17 00:59 - 2014-02-11 21:43 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Skype
2014-10-16 23:52 - 2014-02-07 18:22 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\netz
2014-10-16 23:32 - 2014-02-11 21:43 - 00000000 ____D () C:\ProgramData\Skype
2014-10-16 19:58 - 2014-02-22 13:07 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\VMware
2014-10-16 19:57 - 2014-02-22 13:07 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\VMware
2014-10-16 08:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 07:24 - 2009-07-14 06:45 - 00328664 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 07:23 - 2014-04-30 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 07:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 07:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-16 03:03 - 2014-02-07 02:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 03:00 - 2014-02-07 02:14 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 17:19 - 2014-09-12 19:47 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-15 17:16 - 2014-02-07 18:56 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-13 20:30 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-13 20:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-13 20:28 - 2014-02-07 07:33 - 01601638 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-10-13 14:06 - 2014-08-05 19:12 - 00001147 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-10-13 14:06 - 2014-02-07 07:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-07 18:18 - 2014-03-05 23:29 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\HpUpdate
2014-10-06 18:04 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-10-06 18:03 - 2014-02-07 02:23 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-10-06 17:26 - 2014-02-12 21:34 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2014-10-06 17:26 - 2014-02-12 21:34 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys
2014-10-02 01:41 - 2014-03-19 23:02 - 00000000 ____D () C:\Users\Sebastian\Desktop\Rechnungen refund.me
2014-09-30 01:55 - 2014-02-08 11:14 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\uTorrent
2014-09-25 19:06 - 2014-06-13 19:59 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-24 16:42 - 2014-04-29 17:58 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 16:42 - 2014-04-29 17:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 16:42 - 2014-04-29 17:58 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 09:56 - 2014-02-07 19:00 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-09-23 02:59 - 2014-05-16 00:29 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-09-23 02:59 - 2014-02-22 02:30 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-09-22 18:20 - 2014-08-30 12:43 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest (1)
2014-09-22 18:20 - 2014-08-08 16:25 - 00000000 ____D () C:\Users\Sebastian\Downloads\latest
2014-09-22 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2014-09-22 15:05 - 2014-05-15 12:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-22 15:04 - 2014-05-15 12:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-22 13:56 - 2014-02-18 21:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-22 08:42 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-21 18:36 - 2014-02-08 13:34 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\vlc

Some content of TEMP:
====================
C:\Users\Sebastian\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-16 00:03

==================== End Of Log ============================
         
--- --- ---

Alt 19.10.2014, 15:10   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Unbekannter Upload - Standard

Unbekannter Upload



Warum hast du alle Programme nochmal laufen lassen?

Naja egal, sieht gut aus.

Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Unbekannter Upload
anderen, bekannter, branding, brauche, ccsetup, download, farbar recovery scan tool, fehlercode 0x5, fehlercode 0xc0000005, fehlercode 28, fehlercode windows, gängige, onedrive, rechner verseucht, recovery, super, unbekannter, upload, verseucht, win32/installcore.qh, win32/packed.noobyprotect.g



Ähnliche Themen: Unbekannter Upload


  1. upload an mir unbekannte IP Adressen
    Log-Analyse und Auswertung - 08.12.2014 (43)
  2. Upload Geschwindigkeitsproblem
    Netzwerk und Hardware - 08.10.2013 (0)
  3. Upload Speed zu langsam
    Netzwerk und Hardware - 16.05.2012 (13)
  4. Unbekannter Upload im Hintergrund
    Plagegeister aller Art und deren Bekämpfung - 15.09.2011 (14)
  5. Svchost.exe - Voller Upload.
    Log-Analyse und Auswertung - 03.06.2011 (1)
  6. Ständiger Upload
    Log-Analyse und Auswertung - 05.04.2010 (4)
  7. hoher Upload
    Log-Analyse und Auswertung - 22.08.2009 (1)
  8. unerklärlicher upload
    Plagegeister aller Art und deren Bekämpfung - 03.06.2009 (3)
  9. 800 MB Upload pro tag woher??
    Log-Analyse und Auswertung - 18.06.2008 (0)
  10. MSN --> Upload?
    Diskussionsforum - 16.10.2007 (12)
  11. viruse upload
    Mülltonne - 07.04.2007 (1)
  12. Hilfe Hoher Upload!!!!!
    Plagegeister aller Art und deren Bekämpfung - 29.10.2006 (4)
  13. Hoher Upload!!!!
    Log-Analyse und Auswertung - 26.08.2006 (1)
  14. Zu hoher Upload!!! Was ist los?
    Log-Analyse und Auswertung - 27.10.2004 (4)
  15. Upload
    Alles rund um Windows - 23.10.2004 (1)
  16. Upload Tool
    Alles rund um Windows - 17.03.2003 (16)

Zum Thema Unbekannter Upload - Hallo Leute, ich habe mir leider etwas eingefangen. Ich habe eine 16.000er DSL-Leitung, aber letztens fiel mir auf, dass ich zuwenig download habe, knapp die hälfte, manchmal noch weniger. Ich - Unbekannter Upload...
Archiv
Du betrachtest: Unbekannter Upload auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.