
Pests of all kinds and how to fight them: HitmanPro Alert issues a warning - browser compromised?


01.11.2014, 15:06   #1
nickcave

Hello,

I installed HitmanProAlert on my computer a good week ago, and today the program shows the following message for my Firefox: "Anwendung Firefox (firefox.exe, 6252) Kritische Browserfunktionen wurden von einer vermutlich schadhaften Software kompromittiert. Geben Sie keinerlei persönliche Daten auf Webseiten ein. Auch Online-Banking ist unsicher" [in English: "Application Firefox (firefox.exe, 6252) Critical browser functions have been compromised by presumably malicious software. Do not enter any personal data on websites. Online banking is also unsafe"]; the computer should be checked. I do not get this message with Chrome/IE.

I have to admit that I cannot explain this message, because everything was still fine earlier, before I went shopping, and the message was displayed after I got back home; this morning I only read the usual daily newspapers (Spiegel-Online & Co.) and a few computer sites (Prad, Computerbase). I cannot imagine that I picked something up there.

Nevertheless, I of course took the matter seriously and scanned the system with the following programs, without any findings (apart from minor things without much potential for harm): Bitdefender Antivirus, Housecall, Malwarebytes, HitmanPro, Spybot and BootkitRemoval.

Now the question for me is whether this is a false alarm or whether something in my system is unclean after all.

FRST log:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-11-2014
Ran by Admin (administrator) on MOONCHILD-PC on 01-11-2014 15:02:55
Running from K:\COMPUTER\Neuinstall Windows 7\Die wichtigsten Programme\Sicherheit\Sicherheitstools\Antivirenaktion
Loaded Profiles: Moonchild & Admin & Administrator (Available profiles: Moonchild & Admin & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozy, Inc.) K:\Windows_SSD\MOZY\mozybackup.exe
(Mozy, Inc.) K:\Windows_SSD\MOZY\mozybackup.exe
(Mozy, Inc.) K:\Windows_SSD\MOZY\mozybackup.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
() C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Comfort Software Group) C:\Program Files (x86)\HotAlarmClock\HotAlarmClock.exe
(Mozy, Inc.) C:\Program Files\Mozy Sync\mozysync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Portrait Displays\DisplayView Click\dthtml.exe
(Microsoft Corporation) C:\Program Files (x86)\EMET 4.1\EMET_Agent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\seccenter.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Mozy, Inc.) K:\Windows_SSD\MOZY\mozybackup.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files (x86)\EMET 4.1\EMET_Agent.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\seccenter.exe
() K:\COMPUTER\Neuinstall Windows 7\Die wichtigsten Programme\Sicherheit\Sicherheitstools\Antivirenaktion\Gmer-19357.exe
(Google Inc.) C:\Users\Moonchild\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Moonchild\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Moonchild\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Moonchild\AppData\Local\Google\Chrome\Application\chrome.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe
(Google Inc.) C:\Users\Moonchild\AppData\Local\Google\Chrome\Application\chrome.exe
(Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(Google Inc.) C:\Users\Moonchild\AppData\Local\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe [1575192 2013-10-24] (Bitdefender)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [DT FUS] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [123248 2012-09-26] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2109952 2014-10-07] (Dominik Reichl)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [EMET 4.1 Agent] => C:\Program Files (x86)\EMET 4.1\EMET_agent.exe [78992 2013-11-21] (Microsoft Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Display] => C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [284024 2012-01-24] (Schneider Electric)
HKLM-x32\...\Run: [Trend Micro RUBotted V2.0 Beta] => C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe [1102872 2013-07-25] (Trend Micro Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-365492360-3355046920-2098280994-1000\...\Run: [Allway Sync] => C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [94416 2013-02-05] ()
HKU\S-1-5-21-365492360-3355046920-2098280994-1000\...\Run: [Google Update] => C:\Users\Moonchild\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-23] (Google Inc.)
HKU\S-1-5-21-365492360-3355046920-2098280994-1000\...\Run: [HotAlarmClock] => C:\Program Files (x86)\HotAlarmClock\HotAlarmClock.exe [22725400 2014-05-16] (Comfort Software Group)
HKU\S-1-5-21-365492360-3355046920-2098280994-1000\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-21-365492360-3355046920-2098280994-1000\...\MountPoints2: {05dabfe1-3f6e-11e1-a3c3-806e6f6e6963} - L:\Run.exe
HKU\S-1-5-21-365492360-3355046920-2098280994-1000\...\MountPoints2: {e091f18d-04da-11e4-b8b1-001a7dda710b} - H:\pushinst.exe
HKU\S-1-5-21-365492360-3355046920-2098280994-1007\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [1553688 2014-02-20] (Comfort Software Group)
HKU\S-1-5-21-365492360-3355046920-2098280994-500\...\Run: [Allway Sync] => C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [94416 2013-02-05] ()
HKU\S-1-5-21-365492360-3355046920-2098280994-500\...\Run: [Klebezettel NG] => C:\Program Files (x86)\Klebezettel NG\klebez.exe [4433408 2012-04-06] (Hollie-Soft)
HKU\S-1-5-21-365492360-3355046920-2098280994-500\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2014-01-17] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-365492360-3355046920-2098280994-500\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-365492360-3355046920-2098280994-500\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-21-365492360-3355046920-2098280994-500\...\MountPoints2: {05dabfe1-3f6e-11e1-a3c3-806e6f6e6963} - L:\Run.exe
HKU\S-1-5-21-365492360-3355046920-2098280994-500\...\MountPoints2: {73d1f0d9-fbbf-11e2-95bb-806e6f6e6963} - L:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk
ShortcutTarget: APC UPS Status.lnk -> C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (Schneider Electric)
Startup: C:\Users\Moonchild\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozy Sync.lnk
ShortcutTarget: Mozy Sync.lnk -> C:\Program Files\Mozy Sync\mozysync.exe (Mozy, Inc.)
SSODL: EldosMountNotificator-cbfs4 - {F9FF334C-5B00-4CBA-8B28-A3D6A9A46476} - C:\Windows\system32\cbfsMntNtf4.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} -  No File
SSODL-x32: EldosMountNotificator-cbfs4 - {F9FF334C-5B00-4CBA-8B28-A3D6A9A46476} - C:\Windows\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [ mozysyncNotUploaded] -> {34DF8AC2-A6BB-4855-B45A-CC1B4D9183E3} => C:\Program Files\Mozy Sync\mozysyncshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [ mozysyncPendingChanges] -> {6673BC77-4A7B-4299-A130-14312E6B203A} => C:\Program Files\Mozy Sync\mozysyncshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [ mozysyncUpToDate] -> {04547006-32F5-4635-844B-B8D7FCE47692} => C:\Program Files\Mozy Sync\mozysyncshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs4] -> {D12E2777-CA9C-4EBD-AA9B-A8660DEF371F} => C:\Windows\system32\cbfsMntNtf4.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [mozy] -> {b32a6748-f273-4546-b60a-3c5adc239de5} => K:\Windows_SSD\MOZY\mozyshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [mozy2] -> {747E722C-CB46-4a9d-BDFE-192AAD5099B1} => K:\Windows_SSD\MOZY\mozyshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers: [mozy3] -> {EE6F5A00-7898-40f7-AB77-51FF9D6DEB20} => K:\Windows_SSD\MOZY\mozyshell.dll (Mozy, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs4] -> {D12E2777-CA9C-4EBD-AA9B-A8660DEF371F} => C:\Windows\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: FlashCatchBHO Class -> {88618A96-6D8A-42E7-B932-9073D5B2080F} -> C:\Program Files (x86)\FlashCatch\flashcatch.dll (Level 9 Technology, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - FlashCatch - {10CECF4F-A96E-4803-8AC2-F565FB29FF47} - C:\Program Files (x86)\FlashCatch\flashcatch.dll (Level 9 Technology, Inc.)
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A25C9FE1-77F9-4C49-B32A-8665F4273309}: [NameServer] 192.168.178.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> K:\Windows_SSD\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-09-25]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-25]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013-03-07]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-10-27]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext

Chrome: 
=======
CHR StartMenuInternet: Google Chrome - C:\Users\Moonchild\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4163584 2014-02-24] (Emsisoft GmbH)
R2 APC Data Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric)
R2 APC UPS Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [69392 2013-10-24] (Bitdefender)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3611128 2014-02-11] (devolo AG)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [139632 2012-09-26] (Portrait Displays, Inc.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-11-01] (SurfRight B.V.)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1876816 2014-10-27] (SurfRight B.V.)
R2 mozybackup; K:\Windows_SSD\MOZY\mozybackup.exe [54040 2011-09-29] (Mozy, Inc.)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-07-23] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RUBotSrv; C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe [443416 2013-07-25] (Trend Micro Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [67320 2013-10-24] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1645256 2013-10-24] (Bitdefender)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-04-20] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2014-02-24] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2014-02-24] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [17384 2014-02-24] (Emsisoft GmbH)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-10-24] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-10-24] (BitDefender)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-04-25] (AVM Berlin)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-04-30] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-10-24] (BitDefender SRL)
R1 cbfs4; C:\Windows\system32\drivers\cbfs4.sys [385728 2013-03-01] (EldoS Corporation)
S3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2014-02-24] (Emsisoft GmbH)
R3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH)
R3 GEARAspiWDM; C:\Windows\SysWOW64\DRIVERS\GEARAspiWDM.sys [15664 2011-07-15] (GEAR Software Inc.)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-24] (BitDefender LLC)
R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [93144 2014-10-27] ()
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [9000256 2012-08-24] (Intel Corporation) [File not signed]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [342528 2012-06-19] (Intel(R) Corporation) [File not signed]
R1 mozyFilter; C:\Windows\System32\DRIVERS\mozy.sys [67808 2013-05-02] (Mozy, Inc.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-10-25] (Realtek Semiconductor Corporation                           )
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-10-24] (BitDefender S.R.L.)
S3 7ByteIo; \??\c:\program files (x86)\hot cpu tester pro 4\SysInfoX64.sys [X]
S3 cpuz135; \??\K:\WINDOW~1\Temp\cpuz135\cpuz135_x64.sys [X]
S3 DUMeterDrv; \??\C:\Program Files (x86)\DU Meter\DUMETR64.SYS [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GPU-Z; \??\C:\Users\Admin\AppData\Local\Temp\GPU-Z.sys [X]
U3 pwliquob; \??\C:\Users\Admin\AppData\Local\Temp\pwliquob.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-01 14:50 - 2014-11-01 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-11-01 14:50 - 2014-11-01 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro RUBotted
2014-11-01 14:50 - 2014-11-01 14:50 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-11-01 14:50 - 2014-11-01 14:50 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-10-27 23:06 - 2014-10-27 23:06 - 00000000 ____D () C:\Users\Moonchild\AppData\Local\Downloaded Installations
2014-10-27 17:18 - 2014-10-27 17:18 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Macromedia
2014-10-27 16:55 - 2014-10-27 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-27 16:53 - 2014-10-27 16:53 - 00000000 ____D () C:\Users\Admin\AppData\Local\Logishrd
2014-10-27 16:53 - 2014-10-27 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-10-27 16:52 - 2014-10-27 16:52 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Logishrd
2014-10-27 16:50 - 2014-10-27 16:50 - 00000000 _____ () C:\Users\Admin\Desktop\Sicherungskopie von Malwarebytes Einstellungen.wbk
2014-10-27 10:40 - 2014-11-01 14:02 - 00000000 ____D () C:\Windows\CryptoGuard
2014-10-27 10:40 - 2014-10-27 16:31 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-10-27 10:40 - 2014-10-27 10:57 - 00548424 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-10-27 10:40 - 2014-10-27 10:57 - 00477008 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-10-27 10:40 - 2014-10-27 10:57 - 00093144 _____ () C:\Windows\system32\Drivers\hmpalert.sys
2014-10-27 10:40 - 2014-10-27 10:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert
2014-10-27 10:40 - 2014-10-27 10:40 - 00000000 ____D () C:\ProgramData\HitmanPro.Alert
2014-10-27 08:43 - 2014-10-27 08:43 - 00002230 _____ () C:\Users\Admin\Desktop\HitmanPro_20141027_0843.log
2014-10-26 23:54 - 2014-10-27 09:28 - 00002029 _____ () C:\Users\Admin\Desktop\Entfernen des Avira EU-Cleaners.lnk
2014-10-26 23:54 - 2014-10-27 09:28 - 00001973 _____ () C:\Users\Admin\Desktop\Avira EU-Cleaner.lnk
2014-10-25 16:28 - 2014-10-25 16:28 - 00001067 _____ () C:\Users\Admin\Desktop\Hot Alarm Clock.lnk
2014-10-25 16:28 - 2014-10-25 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hot Alarm Clock
2014-10-25 16:27 - 2014-10-25 16:28 - 00000000 ____D () C:\Program Files (x86)\HotAlarmClock
2014-10-25 08:30 - 2014-10-25 08:30 - 00001043 _____ () C:\Users\Admin\Desktop\MonitorTest.lnk
2014-10-25 08:30 - 2014-10-25 08:30 - 00000000 ____D () C:\ProgramData\PassMark
2014-10-25 08:30 - 2014-10-25 08:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MonitorTest
2014-10-25 08:30 - 2014-10-25 08:30 - 00000000 ____D () C:\Program Files (x86)\MonitorTest
2014-10-20 08:01 - 2014-10-20 08:01 - 00001079 _____ () C:\Users\Admin\Desktop\Free Alarm Clock.lnk
2014-10-20 08:01 - 2014-10-20 08:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock
2014-10-20 08:01 - 2014-10-20 08:01 - 00000000 ____D () C:\Program Files (x86)\FreeAlarmClock
2014-10-19 12:06 - 2014-10-19 12:06 - 00004957 _____ () C:\Users\Moonchild\AppData\Local\recently-used.xbel
2014-10-18 23:52 - 2014-10-18 23:52 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-10-18 23:51 - 2014-05-14 17:37 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-10-18 23:51 - 2014-05-14 15:00 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-10-18 23:51 - 2014-05-12 19:11 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-10-18 23:51 - 2014-05-09 10:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-10-18 23:51 - 2014-04-30 10:34 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-10-18 23:51 - 2014-04-28 14:48 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2014-10-18 23:51 - 2014-04-25 12:51 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-10-18 23:51 - 2014-04-25 12:23 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-10-18 23:51 - 2014-04-10 11:20 - 01934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-10-18 23:51 - 2014-04-10 11:19 - 14863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-10-18 23:51 - 2014-04-10 11:19 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-10-18 23:51 - 2014-04-10 11:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-10-18 23:51 - 2014-04-10 11:19 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-10-18 23:51 - 2014-04-07 15:03 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-10-18 23:51 - 2014-04-07 15:03 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-10-18 23:51 - 2014-04-07 15:03 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-10-18 23:51 - 2014-04-07 15:03 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-10-18 23:51 - 2014-03-06 15:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-10-18 23:51 - 2014-02-18 16:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-10-18 23:51 - 2014-02-06 10:28 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-10-18 23:51 - 2014-01-28 10:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-10-18 23:51 - 2013-10-16 02:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-10-18 23:51 - 2013-10-11 11:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-10-18 23:51 - 2013-10-11 10:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-10-18 23:51 - 2013-08-14 14:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-10-18 23:51 - 2013-08-14 14:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-10-18 23:51 - 2012-11-14 10:41 - 00378000 _____ (Realtek Semiconductor) C:\Windows\system32\RtkGuiCompLib.dll
2014-10-18 23:51 - 2012-08-31 18:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-10-18 23:51 - 2012-08-31 18:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-10-18 23:51 - 2012-08-31 18:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-10-18 23:51 - 2012-08-31 18:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-10-18 23:51 - 2012-08-31 18:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-10-18 23:51 - 2012-03-08 10:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-10-18 23:51 - 2011-12-20 14:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-10-18 23:51 - 2011-11-22 15:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-10-18 23:51 - 2011-09-02 13:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-10-18 23:51 - 2011-09-02 13:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-10-18 23:51 - 2011-09-02 13:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-10-18 23:51 - 2011-05-31 08:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-10-18 23:51 - 2010-11-08 06:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-10-18 23:51 - 2010-11-08 06:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-10-18 23:51 - 2010-11-08 06:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-10-18 23:51 - 2010-11-08 06:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-10-18 23:51 - 2010-11-08 06:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-10-18 23:51 - 2010-11-08 06:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-10-18 23:51 - 2010-11-03 17:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-10-18 23:51 - 2010-09-27 08:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-10-18 23:51 - 2010-07-22 15:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-10-18 23:51 - 2009-11-24 08:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-10-18 23:51 - 2009-11-24 08:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-10-18 23:51 - 2009-11-24 08:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-10-18 23:51 - 2009-11-24 08:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-10-17 09:10 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-17 09:10 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-17 09:10 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-17 09:10 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-17 09:10 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-17 09:10 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-17 09:10 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-17 09:10 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-17 09:10 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-17 09:10 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-17 09:10 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-17 09:10 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-17 09:10 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-17 09:10 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-17 09:10 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-17 09:10 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-17 09:10 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-17 09:10 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-17 09:10 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-17 09:10 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-17 09:10 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-17 09:10 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-17 09:10 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-17 09:10 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-17 09:10 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-17 09:10 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-17 09:10 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-17 09:10 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-17 09:10 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-17 09:10 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-17 09:10 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-17 09:10 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-17 09:10 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-17 09:10 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-17 09:10 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-17 09:10 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-17 09:10 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-17 09:10 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-17 09:10 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-17 09:10 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-17 09:10 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-17 09:10 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-17 09:10 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-17 09:10 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-17 09:10 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-17 09:10 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-17 09:10 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-17 09:10 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-17 09:10 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-17 09:10 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-17 09:10 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-17 09:10 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-17 09:10 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-17 09:10 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-17 09:10 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-17 09:10 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-17 09:09 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-17 09:09 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-17 09:09 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-17 09:09 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-17 09:09 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-17 09:09 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-17 09:09 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-17 09:09 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-17 09:09 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-17 09:09 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-17 09:09 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-17 09:09 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-17 09:09 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-17 09:09 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-17 09:09 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-17 09:09 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-17 09:09 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-17 09:09 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-17 09:09 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-17 09:09 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-17 09:09 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-17 09:09 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-17 09:09 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-17 09:09 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-17 09:09 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-17 09:09 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-17 09:09 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 11:48 - 2014-10-16 11:48 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2014-10-08 09:18 - 2014-10-08 09:20 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-10-08 09:18 - 2014-10-08 09:18 - 00001007 _____ () C:\Users\Moonchild\Desktop\SpeedFan.lnk
2014-10-08 09:18 - 2014-10-08 09:18 - 00001007 _____ () C:\Users\Administrator\Desktop\SpeedFan.lnk
2014-10-08 09:18 - 2014-10-08 09:18 - 00001007 _____ () C:\Users\Admin\Desktop\SpeedFan.lnk
2014-10-08 09:18 - 2014-10-08 09:18 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-10-08 09:18 - 2014-10-08 09:18 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-10-08 09:18 - 2014-10-08 09:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-10-03 18:16 - 2014-10-03 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\APC
2014-10-03 18:16 - 2014-10-03 18:16 - 00000000 ____D () C:\Program Files (x86)\APC
2014-10-03 17:07 - 2014-10-03 18:15 - 13923704 _____ (Schneider Electric) C:\Users\Admin\PCPE Setup.exe
2014-10-03 17:07 - 2014-10-03 18:15 - 13338112 _____ () C:\Users\Admin\PCPE_3.0.1.msi
2014-10-03 17:07 - 2014-10-03 18:15 - 01079808 _____ (Microsoft Corporation) C:\Users\Admin\mfc80u.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00626688 _____ (Microsoft Corporation) C:\Users\Admin\msvcr80.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00021880 _____ (Schneider Electric) C:\Users\Admin\grm_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00021880 _____ (Schneider Electric) C:\Users\Admin\fr_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00021368 _____ (Schneider Electric) C:\Users\Admin\pt_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00021368 _____ (Schneider Electric) C:\Users\Admin\it_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00021368 _____ (Schneider Electric) C:\Users\Admin\es_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00021368 _____ (Schneider Electric) C:\Users\Admin\en_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00020856 _____ (Schneider Electric) C:\Users\Admin\ru_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00020344 _____ (Schneider Electric) C:\Users\Admin\jp_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00019832 _____ (Schneider Electric) C:\Users\Admin\zh_res.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00018808 _____ () C:\Users\Admin\ResourceReader.dll
2014-10-03 17:07 - 2014-10-03 18:15 - 00000550 _____ () C:\Users\Admin\Microsoft.VC80.MFC.manifest
2014-10-03 17:07 - 2014-10-03 18:15 - 00000522 _____ () C:\Users\Admin\Microsoft.VC80.CRT.manifest
2014-10-03 17:07 - 2014-10-03 18:15 - 00000014 _____ () C:\Users\Admin\dotnetfolder.txt
2014-10-02 09:20 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-02 09:20 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-02 09:20 - 2014-09-09 23:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-10-02 09:20 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-01 15:02 - 2014-04-21 13:19 - 00000000 ____D () C:\FRST
2014-11-01 14:58 - 2012-01-24 19:08 - 00766051 _____ () C:\Windows\setupact.log
2014-11-01 14:42 - 2013-02-10 13:24 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-01 14:40 - 2013-02-08 12:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-01 14:23 - 2012-01-16 08:46 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365492360-3355046920-2098280994-1000UA.job
2014-11-01 14:22 - 2013-02-10 13:24 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-01 14:19 - 2013-09-16 14:25 - 00000501 _____ () C:\Windows\system32\checkdnsid.xml
2014-11-01 14:02 - 2014-02-21 12:20 - 00000000 ____D () C:\Users\Moonchild\AppData\Local\mozysync
2014-11-01 13:57 - 2012-01-15 12:46 - 01291526 _____ () C:\Windows\WindowsUpdate.log
2014-11-01 13:56 - 2011-04-12 08:43 - 00702942 _____ () C:\Windows\system32\perfh007.dat
2014-11-01 13:56 - 2011-04-12 08:43 - 00150582 _____ () C:\Windows\system32\perfc007.dat
2014-11-01 13:56 - 2009-07-14 06:13 - 01629348 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-01 13:56 - 2009-07-14 05:45 - 00031680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-01 13:56 - 2009-07-14 05:45 - 00031680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-01 13:49 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-01 11:18 - 2012-04-03 16:18 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-11-01 11:17 - 2013-03-03 10:40 - 00000000 ____D () C:\Users\Moonchild\AppData\Roaming\KeePass
2014-11-01 03:48 - 2012-01-15 17:33 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{330A11D1-DDF4-4F3D-9779-05555AECB1C3}
2014-11-01 01:31 - 2012-02-07 10:42 - 00010720 _____ () C:\Windows\mozy.blk
2014-11-01 01:31 - 2012-02-07 10:42 - 00005462 _____ () C:\Windows\mozy.flt
2014-10-31 22:22 - 2014-04-03 23:41 - 00000000 ___RD () C:\Users\Moonchild\Downloads\Aktuell gucken
2014-10-31 16:24 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-31 16:23 - 2012-04-25 23:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-31 13:23 - 2012-01-16 08:46 - 00001084 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365492360-3355046920-2098280994-1000Core.job
2014-10-31 12:27 - 2014-09-25 09:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-30 23:20 - 2014-07-01 11:42 - 00001264 _____ () C:\Users\Admin\Desktop\Revo Uninstaller.lnk
2014-10-30 23:20 - 2014-07-01 11:42 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-30 23:16 - 2012-01-19 17:12 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-30 23:06 - 2013-09-14 14:19 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-30 23:04 - 2014-09-11 09:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-30 23:04 - 2013-10-27 00:20 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-30 23:04 - 2013-09-14 14:19 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-30 23:04 - 2013-09-14 14:19 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-30 23:04 - 2013-09-14 14:19 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-28 07:37 - 2012-02-02 00:45 - 08228684 _____ () C:\Windows\PFRO.log
2014-10-28 00:54 - 2013-03-06 17:09 - 00000000 ____D () C:\Users\Moonchild\AppData\Roaming\Dropbox
2014-10-27 17:34 - 2014-06-28 10:42 - 00000000 ____D () C:\Windows\ERUNT
2014-10-27 17:30 - 2014-02-24 20:03 - 00000000 ____D () C:\Program Files (x86)\Secure Banking
2014-10-27 16:56 - 2014-04-22 12:12 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-27 16:56 - 2014-04-22 12:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-27 16:53 - 2012-03-20 16:40 - 00025858 _____ () C:\Windows\LDPINST.LOG
2014-10-27 16:53 - 2012-03-20 16:40 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-10-27 16:53 - 2012-03-20 16:40 - 00004482 _____ () C:\Windows\LkmdfCoInst.log
2014-10-27 16:53 - 2012-03-20 16:40 - 00000000 ____D () C:\ProgramData\Logishrd
2014-10-27 16:53 - 2012-03-20 16:40 - 00000000 ____D () C:\Program Files\Logitech
2014-10-27 16:53 - 2012-03-20 16:39 - 00000000 ____D () C:\Program Files\Common Files\Logishrd
2014-10-27 16:52 - 2014-04-21 13:52 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Logitech
2014-10-27 16:44 - 2014-04-21 13:52 - 00118368 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-26 20:32 - 2012-01-25 00:31 - 00000561 _____ () C:\Users\Moonchild\AppData\Roaming\burnaware.ini
2014-10-26 20:30 - 2013-04-29 14:30 - 00000000 ____D () C:\Users\Moonchild\AppData\Roaming\vlc
2014-10-26 20:30 - 2012-11-26 22:07 - 00000000 ____D () C:\Users\Moonchild\AppData\Roaming\dvdcss
2014-10-26 08:30 - 2009-07-14 05:45 - 00445688 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-25 23:18 - 2014-02-24 20:33 - 00000032 _____ () C:\Windows\SysWOW64\thxcfg.ini
2014-10-25 23:18 - 2013-04-07 12:16 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.5
2014-10-25 16:45 - 2012-01-15 14:42 - 00118368 _____ () C:\Users\Moonchild\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-24 09:53 - 2014-04-21 13:52 - 00000000 ____D () C:\Users\Admin
2014-10-23 12:18 - 2012-01-16 08:46 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-365492360-3355046920-2098280994-1000UA
2014-10-23 12:18 - 2012-01-16 08:46 - 00003718 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-365492360-3355046920-2098280994-1000Core
2014-10-19 12:06 - 2014-01-05 12:25 - 00000000 ____D () C:\Users\Moonchild\AppData\Local\gtk-2.0
2014-10-19 12:06 - 2013-04-09 07:45 - 00000000 ____D () C:\Users\Moonchild\.gimp-2.8
2014-10-18 23:52 - 2012-11-26 22:56 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-10-18 23:51 - 2012-01-15 15:38 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-18 18:37 - 2013-02-10 13:24 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-18 18:37 - 2013-02-10 13:24 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 21:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-17 20:25 - 2012-01-15 16:12 - 00000000 ____D () C:\Users\Administrator
2014-10-17 09:14 - 2012-01-15 19:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-17 09:12 - 2013-07-12 07:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-17 09:10 - 2012-01-16 11:57 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-17 08:49 - 2014-05-14 17:51 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-10-17 08:45 - 2013-02-08 12:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-17 08:45 - 2012-10-13 16:18 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-17 08:45 - 2012-10-13 16:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-16 11:48 - 2014-04-21 13:54 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\KeePass
2014-10-16 11:48 - 2013-03-03 10:36 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2
2014-10-05 09:25 - 2014-03-24 21:19 - 00000000 ____D () C:\Users\Moonchild\Downloads\Sechserpack
2014-10-03 23:49 - 2014-07-26 07:31 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

Files to move or delete:
====================
C:\Users\Admin\en_res.dll
C:\Users\Admin\es_res.dll
C:\Users\Admin\fr_res.dll
C:\Users\Admin\grm_res.dll
C:\Users\Admin\it_res.dll
C:\Users\Admin\jp_res.dll
C:\Users\Admin\mfc80u.dll
C:\Users\Admin\msvcr80.dll
C:\Users\Admin\PCPE Setup.exe
C:\Users\Admin\pt_res.dll
C:\Users\Admin\ResourceReader.dll
C:\Users\Admin\ru_res.dll
C:\Users\Admin\zh_res.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 15:12

==================== End Of Log ============================
         
FRST-Addition:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-11-2014
Ran by Moonchild at 2014-11-01 15:29:14
Running from K:\COMPUTER\Neuinstall Windows 7\Die wichtigsten Programme\Sicherheit\Sicherheitstools\Antivirenaktion
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Virenschutz (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
FW: Bitdefender Firewall (Disabled) {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Advanced PDF Password Recovery (HKCU\...\Advanced PDF Password Recovery) (Version: 4.0 - ElcomSoft Co. Ltd.)
Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.51 - Hulubulu Software)
Amazon Cloud Drive (HKLM-x32\...\{9A766E33-BB01-480F-ABFC-424B8AC11212}) (Version: 0.11.12.0 - Amazon.com)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.0.0.192 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{46DA7FD9-8BC1-7BA8-98D1-27F46647871B}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2001616110.48.56.4132210 - Audible, Inc.)
Aufgaben (HKLM-x32\...\{38AFF23A-CE45-4D7D-B8D4-3517125E7DD2}) (Version: 1.1.3 - Holliesoft)
Avidemux 2.5 (HKLM-x32\...\Avidemux 2.5 (64-bit)) (Version: 2.5.6.7716 - )
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin)
Batman: Arkham City™ (HKLM-x32\...\GFWL_{57520FA0-AC56-469B-9983-FF1000008300}) (Version: 1.0.0000.131 - WB Games)
Batman: Arkham City™ (x32 Version: 1.0.0000.131 - WB Games) Hidden
Batman: Arkham City™ (x32 Version: 1.0.0003.131 - WB Games) Hidden
Beurer HealthManager (HKLM-x32\...\Beurer HealthManager) (Version: 2.2.0.0 - Beurer Health And Well-Being)
Beurer HealthManager (x32 Version: 2.2.0.0 - Beurer Health And Well-Being) Hidden
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bitdefender Internet Security 2013 (HKLM\...\Bitdefender) (Version: 16.26.0.1739 - Bitdefender)
BoxCryptor 1.5 (HKLM-x32\...\BoxCryptor) (Version: 1.5.410.149 - Secomba GmbH)
BurnAware Free 6.9.2 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
calibre 64bit (HKLM\...\{50A398DA-4562-40AA-9535-0A14C4AB1DD9}) (Version: 1.21.0 - Kovid Goyal)
CamStudio (HKLM-x32\...\CamStudio) (Version:  - )
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version:  - )
Canon MP540 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.14 - Piriform)
CD Bremse 1.49 (HKLM-x32\...\CD Bremse_is1) (Version: 1.49 - )
Cimaware OfficeFIX 6.xx (HKCU\...\Cimaware OfficeFIX 6.xx) (Version:  - Cimaware Software)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
CPU Speed Pro version 3 (HKLM-x32\...\{E0E0C30A-89AF-11E0-951E-11904824019B}_is1) (Version: 3 - CPU Speed Pro)
CPUID CPU-Z 1.63.0 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor Pro 1.16 (HKLM\...\CPUID HWMonitorPro_is1) (Version:  - )
CrystalDiskInfo 6.1.12 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.12 - Crystal Dew World)
CrystalDiskMark 3.0.1b (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.1b - Crystal Dew World)
CUEcards® 2005 (HKLM-x32\...\{C0E7B43A-39F7-4ADA-BF28-B988544F2833}) (Version: 4.29.0 - Marcus Humann Software-Technik)
Data Lifeguard Diagnostic for Windows 1.24 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
Debugging Tools for Windows (HKLM-x32\...\{1C943495-B69F-4D41-AE0E-23C57ECD90EE}) (Version: 6.4.7.2 - Microsoft Corporation)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.2.1.0 - devolo AG)
Digitale Bibliothek 4 (HKLM-x32\...\Digitale Bibliothek 4) (Version:  - )
DisplayView Click (HKLM-x32\...\{7B2E26A2-84CF-4B58-86ED-DE8E73391BDB}) (Version: 5.30.002 - Portrait Displays, Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
Doc Scrubber v1.2 (HKLM-x32\...\Doc Scrubber_is1) (Version: 1.2 - BrightFort LLC)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.13 - Dolby Laboratories Inc)
Dragon Age Redesigned © Morrigan (HKCU\...\Dragon Age Redesigned © Morrigan) (Version:  - )
Dragon Age Redesigned- Leliana's Song (HKCU\...\Dragon Age Redesigned- Leliana's Song) (Version:  - )
Dragon Age Redesigned Oghren© (HKCU\...\Dragon Age Redesigned Oghren©) (Version:  - )
Dragon Age Redesigned©  Zevran (HKCU\...\Dragon Age Redesigned©  Zevran) (Version:  - )
Dragon Age Redesigned© (HKCU\...\Dragon Age Redesigned©) (Version:  - )
Dragon Age Redesigned© Leliana (HKCU\...\Dragon Age Redesigned© Leliana) (Version:  - )
Dragon Age Redesigned© Sten (HKCU\...\Dragon Age Redesigned© Sten) (Version:  - )
Dragon Age Redesigned© Wynne (HKCU\...\Dragon Age Redesigned© Wynne) (Version:  - )
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
EasyBCD 2.1.2 (HKLM-x32\...\EasyBCD) (Version: 2.1.2 - NeoSmart Technologies)
EMET 4.1 (HKLM-x32\...\{65BC2BDA-D828-4596-99E4-A8799C45C84C}) (Version: 4.1 - Microsoft Corporation)
Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 6.0 - Emsi Software GmbH)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EssentialPIM (HKLM-x32\...\EssentialPIM) (Version: 5.51 - Astonsoft Ltd)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.115 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.115 - Etron Technology) Hidden
FlashCatch (HKLM-x32\...\{A0AB2980-1FDD-4b6c-940C-FC87C84F05B7}_is1) (Version:  - )
Folderico 4.0 RC12 (HKLM-x32\...\Folderico) (Version: 4.0 RC12 - Shedko ( www.softq.org ))
Free Alarm Clock 3.1.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 3.1 - Comfort Software Group)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.25.000 - Runtime Software)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GMX ProfiFax (HKLM-x32\...\GMX ProfiFax) (Version: 2.00.222 - GMX GmbH)
GMX SMS-Manager (HKLM-x32\...\GMX SMS-Manager) (Version:  - )
Google Chrome (HKCU\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.232 - SurfRight B.V.)
HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.)
Hot Alarm Clock 4.2.0.0 (HKLM-x32\...\{672C1EE5-D13F-4EDB-A8CA-26711696C040}_is1) (Version: 4.2 - Comfort Software Group)
Hot CPU Tester Pro 4.4.1 (HKLM-x32\...\{BEE9DFE1-7CDF-4D1C-A473-3B3DF8FF1431}_is1) (Version: 4.4 - 7Byte Computers)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{5E11C972-1E76-45FE-8F92-14E0D1140B1B}) (Version: 10.5.3.3 - Apple Inc.)
JPEG Resampler Vs 5.99.99 (HKLM-x32\...\JPEG Resampler_is1) (Version:  - David Macek)
KeePass Password Safe 2.28 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.28 - Dominik Reichl)
Klebezettel NG (Version 2.9.12) (HKLM-x32\...\{4F81901F-3655-4340-8227-F687F69A3C79}}_is1) (Version:  - )
K-Lite Codec Pack 9.8.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.8.0 - )
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MAXQDA 10 (R210312) (HKLM-x32\...\MAXQDA10) (Version: (R210312) - VERBI Software.Consult.Sozialforschung GmbH)
MAXQDA 10 Reader (R240113) (HKLM-x32\...\MAXQDA10Reader) (Version: (R240113) - VERBI Software.Consult.Sozialforschung GmbH)
MDB Repair Tool (HKLM-x32\...\ST6UNST #1) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (HKLM-x32\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{48B08845-0CB0-45EC-893C-15319ADDA312}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{68ADAEAA-DABD-45C1-9CC2-F995407549CD}) (Version: 7601 - Microsoft)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.145.0 - Microsoft Corporation)
MonitorTest V3.1 (HKLM-x32\...\MonitorTest_is1) (Version: 3.1 - PassMark Software)
Mozilla Firefox 33.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 de)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozy Sync (HKLM\...\{FEC9F6A9-556B-490D-8BF3-BD09A37C4DA1}) (Version: 1.2.1.4039 - Mozy, Inc)
MozyHome (HKLM\...\{06BFC7A0-2C6A-ED03-5684-37E8949A5823}) (Version: 2.26.0.376 - Mozy, Inc.)
MSXML 4.0 (x32 Version: 4.20.9818.0 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.0 - Black Tree Gaming)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
PC Connectivity Solution (HKLM-x32\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PDF Architect (HKLM-x32\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
PDF Password Remover v3.1 (HKLM-x32\...\PDF Password Remover v3.1_is1) (Version:  - VeryPDF.com Inc)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.210.0 - Tracker Software Products Ltd)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pivot Pro Plugin (x32 Version: 9.50.110 - Portrait Displays, Inc.) Hidden
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.2.10 - Prolific Technology INC)
PowerChute Personal Edition 3.0.2 (HKLM-x32\...\{8ED262EE-FC73-47A9-BB86-D92223246881}) (Version: 3.0.2 - Schneider Electric)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6519 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.42 - Piriform)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
Samsung New PC Studio USB Driver Installer (HKLM-x32\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio USB Driver Installer (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
SamsungConnectivityCableDriver (HKLM-x32\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Sandboxie 4.08 (64-bit) (HKLM\...\Sandboxie) (Version: 4.08 - Sandboxie Holdings, LLC)
SDK (x32 Version: 2.34.014 - Portrait Displays, Inc.) Hidden
SDS (Shutdown Scheduler) (HKLM-x32\...\CWK) (Version: 2.50.2.40 - Damian Pasternak)
Secure Banking (HKLM-x32\...\{2088356A-A860-4619-B6DC-F6785AEBBBF7}) (Version: 2.0.0 - Machinecode Technologies)
Secure Banking Version 1.5.2 (HKLM-x32\...\{0BEE0AF9-79F3-4C4F-B374-90C0A16BF294}_is1) (Version: 1.5.2 - Hopfgartner Niklas)
Service Pack 1 for SQL Server 2008 R2 (KB2528583) (HKLM-x32\...\KB2528583) (Version: 10.51.2500.0 - Microsoft Corporation)
SIW version 2011.10.29 (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2011.10.29 - Topala Software Solutions)
SMPlayer 0.8.0 (x64) (HKLM\...\SMPlayer) (Version: 0.8.0 - Ricardo Villalba)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.5.2 - Krzysztof Kowalczyk)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TaskUnifier 3.1.1 (HKLM-x32\...\TaskUnifier 3.1.1) (Version: 3.1.1 - )
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - Telltale Games)
TimeComX Basic (64-Bit) (HKLM-x32\...\TimeComX Basic 64-Bit) (Version: 1.3.2.4 - Bitdreamers)
Trend Micro RUBotted 2.0 Beta (HKLM-x32\...\{54D4EAF5-4C80-4878-B4AC-5AE454A02E3C}_is1) (Version: 2.0.0.1034 - Trend Micro, Inc.)
TrojanHunter 5.5 (HKLM-x32\...\TrojanHunter_is1) (Version: 5.5 - Mischel Internet Security)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ULTIMATER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ULTIMATER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ULTIMATER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ULTIMATER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Veoh Web Player (HKLM-x32\...\Veoh Web Player Beta) (Version: 1.1.2.0000 - Veoh Networks, Inc.)
Vista Shortcut Manager x64 (HKLM\...\{C7311329-C491-427B-8880-133E84869B3A}) (Version: 2.0 - Frameworkx)
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) (HKLM\...\{4A5A427F-BA39-4BF0-7777-9A47FBE60C9F}) (Version: 11.0.200 - Nuance Communications Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WhoCrashed 4.01 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Wieldy 0.3.1.996 (HKLM-x32\...\Wieldy) (Version: 0.3.1.996 - Kevin Erath)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (HKLM\...\BC15EA930074932BB2C4B4493C9FD4EA95087D1A) (Version: 10/12/2007 6.85.4.0 - Nokia)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
x64 Components v3.9.6 (HKLM\...\x64 Components_is1) (Version: 3.9.6 - Shark007)
xp-AntiSpy 3.98-1 (HKLM-x32\...\xp-AntiSpy) (Version:  - Christian Taubenheim)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Moonchild\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Moonchild\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Moonchild\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Moonchild\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Moonchild\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Moonchild\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-365492360-3355046920-2098280994-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Moonchild\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-06-01 00:18 - 00450709 ____R C:\Windows\system32\Drivers\etc\hosts

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365492360-3355046920-2098280994-1000Core.job => C:\Users\Moonchild\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-365492360-3355046920-2098280994-1000UA.job => C:\Users\Moonchild\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-26 15:41 - 2012-09-26 11:14 - 00091504 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook64.dll
2013-11-26 15:40 - 2012-09-26 11:14 - 00273264 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dthook.dll
2013-03-07 11:52 - 2013-10-24 14:11 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll
2011-10-07 10:39 - 2011-10-07 10:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2012-01-15 19:36 - 2013-02-05 14:40 - 00094416 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
2013-11-21 10:14 - 2013-11-21 10:14 - 00114176 _____ () C:\Program Files (x86)\EMET 4.1\HelperLib.dll
2013-11-12 09:22 - 2013-11-12 09:22 - 00028672 _____ () C:\Program Files (x86)\EMET 4.1\ReportingSubsystem.dll
2013-11-21 10:14 - 2013-11-21 10:14 - 00348160 _____ () C:\Program Files (x86)\EMET 4.1\DevExpress.UserSkins.HighContrast.dll
2013-11-21 10:14 - 2013-11-21 10:14 - 00023040 _____ () C:\Program Files (x86)\EMET 4.1\TrayIconSubsystem.dll
2013-11-21 10:14 - 2013-11-21 10:14 - 00042496 _____ () C:\Program Files (x86)\EMET 4.1\PKIPinningSubsystem.dll
2013-03-29 16:10 - 2013-10-24 14:11 - 00099256 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\bdmetrics.dll
2013-07-24 14:29 - 2013-10-24 14:10 - 00436024 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\bdidntconp.dll
2013-03-29 16:10 - 2013-10-24 14:11 - 00164352 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\UI\bdidntconp.ui

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\Users\Moonchild\Downloads\DANZIG Mama1.avi:TOC.WMV

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MozyHome Status.lnk => C:\Windows\pss\MozyHome Status.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk => C:\Windows\pss\Überwachungstool für die Intel® Turbo-Boost-Technik 2.6.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Moonchild^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^A Note.lnk => C:\Windows\pss\A Note.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Moonchild^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^click.to.lnk => C:\Windows\pss\click.to.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Moonchild^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AutoStartNPSAgent => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: DNS7reminder => "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"
MSCONFIG\startupreg: Dolby Home Theater v4 => "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: GMX SMS-Manager => C:\Program Files (x86)\GMX\GMX SMS-Manager\SMSMngr.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Moonchild\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: IntelTBRunOnce => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => "K:\Windows_SSD\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Klebezettel NG => "C:\Program Files (x86)\Klebezettel NG\klebez.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: Philips Device Listener => "C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe"
MSCONFIG\startupreg: PivotSoftware => "C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe" -delay=10
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: THGuard => "C:\Program Files (x86)\TrojanHunter 5.5\THGuard.exe"
MSCONFIG\startupreg: TrojanScanner => C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot
MSCONFIG\startupreg: VeohPlugin => "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"

========================= Accounts: ==========================

Admin (S-1-5-21-365492360-3355046920-2098280994-1007 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-365492360-3355046920-2098280994-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-365492360-3355046920-2098280994-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-365492360-3355046920-2098280994-1006 - Limited - Enabled)
Moonchild (S-1-5-21-365492360-3355046920-2098280994-1000 - Limited - Enabled) => C:\Users\Moonchild

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/01/2014 03:27:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 1.11.2014.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: db8

Startzeit: 01cff5dfc281f889

Endzeit: 4

Anwendungspfad: K:\COMPUTER\Neuinstall Windows 7\Die wichtigsten Programme\Sicherheit\Sicherheitstools\Antivirenaktion\FRST64.exe

Berichts-ID:

Error: (11/01/2014 01:49:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/01/2014 01:28:57 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/31/2014 06:20:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/31/2014 04:24:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/31/2014 02:53:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 12.0.6705.5000, Zeitstempel: 0x5418f06f
Name des fehlerhaften Moduls: oart.dll, Version: 12.0.6683.5002, Zeitstempel: 0x520bb41f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000a3e3
ID des fehlerhaften Prozesses: 0x11a0
Startzeit der fehlerhaften Anwendung: 0xWINWORD.EXE0
Pfad der fehlerhaften Anwendung: WINWORD.EXE1
Pfad des fehlerhaften Moduls: WINWORD.EXE2
Berichtskennung: WINWORD.EXE3

Error: (10/31/2014 10:13:25 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/31/2014 08:46:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2014 10:42:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2014 09:39:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (10/31/2014 09:25:30 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "MOON-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4DF0BC07-DF5B-4C57-9CC8-00672E37F925}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (10/30/2014 06:42:17 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FRITZ-NAS",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4DF0BC07-DF5B-4C57-9CC8-00672E37F925}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (10/28/2014 08:40:33 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.

Error: (10/28/2014 08:40:30 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.

Error: (10/28/2014 08:40:27 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.

Error: (10/28/2014 08:40:25 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.

Error: (10/28/2014 08:40:22 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.

Error: (10/28/2014 08:40:20 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.

Error: (10/28/2014 08:40:17 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.

Error: (10/28/2014 08:40:14 AM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk5\DR5.


Microsoft Office Sessions:
=========================
Error: (10/31/2014 02:53:42 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6705.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12920 seconds with 1680 seconds of active time.  This session ended with a crash.

Error: (05/03/2014 01:57:54 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/26/2014 01:24:41 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 11873 seconds with 2040 seconds of active time.  This session ended with a crash.

Error: (02/17/2014 02:42:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 48 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/17/2014 09:45:27 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 22 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/16/2013 05:37:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/08/2013 06:40:22 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 32 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/09/2013 01:57:01 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 0 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/17/2012 03:29:40 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 752 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (12/16/2012 05:56:15 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 957 seconds with 780 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-11-01 15:20:21.350
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-01 14:37:08.948
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-01 14:22:39.985
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-01 14:15:06.755
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-01 14:02:03.183
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-01 13:49:27.736
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-31 18:30:33.683
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-31 18:20:14.264
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-31 16:24:05.326
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-31 08:58:22.668
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3570S CPU @ 3.10GHz
Percentage of memory in use: 51%
Total physical RAM: 8175.11 MB
Available physical RAM: 3967.54 MB
Total Pagefile: 20173.29 MB
Available Pagefile: 15314.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:61.42 GB) NTFS
Drive d: (Win-7 Reserve) (Fixed) (Total:100 GB) (Free:89.6 GB) NTFS
Drive e: (Win7-Games) (Fixed) (Total:100.01 GB) (Free:16.63 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Wissenschaft Sicherheit) (Fixed) (Total:200 GB) (Free:76.73 GB) NTFS
Drive g: (Big One 2) (Fixed) (Total:1563.01 GB) (Free:1161.68 GB) NTFS
Drive j: (Wissenschaft ) (Fixed) (Total:200.02 GB) (Free:68.81 GB) NTFS
Drive k: (Big One) (Fixed) (Total:1562.99 GB) (Free:832.45 GB) NTFS
Drive s: (Volume) (Fixed) (Total:60.15 GB) (Free:11.2 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         
Unfortunately, the Gmer log is too large to embed directly (as a Word file it runs to more than 700 pages); if it is needed, I will supply it as an archive. But perhaps the two logs are already enough.

How does this look to you? All clear, or "keep digging"?

Regards

Alt 01.11.2014, 15:11   #2
schrauber
/// the machine
/// TB trainer
 

hi,

Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.

Alt 01.11.2014, 15:33   #3
nickcave
 

It found something (1 detection); log here:

Code:
ATTFilter
16:22:16.0492 0x235c  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
16:22:22.0372 0x235c  ============================================================
16:22:22.0372 0x235c  Current date / time: 2014/11/01 16:22:22.0372
16:22:22.0372 0x235c  SystemInfo:
16:22:22.0372 0x235c  
16:22:22.0372 0x235c  OS Version: 6.1.7601 ServicePack: 1.0
16:22:22.0372 0x235c  Product type: Workstation
16:22:22.0372 0x235c  ComputerName: MOONCHILD-PC
16:22:22.0372 0x235c  UserName: Admin
16:22:22.0372 0x235c  Windows directory: C:\Windows
16:22:22.0372 0x235c  System windows directory: C:\Windows
16:22:22.0373 0x235c  Running under WOW64
16:22:22.0373 0x235c  Processor architecture: Intel x64
16:22:22.0373 0x235c  Number of processors: 4
16:22:22.0373 0x235c  Page size: 0x1000
16:22:22.0373 0x235c  Boot type: Normal boot
16:22:22.0373 0x235c  ============================================================
16:22:22.0484 0x235c  KLMD registered as C:\Windows\system32\drivers\87588815.sys
16:22:23.0449 0x235c  System UUID: {889C40E7-AF1F-A588-5264-95CD246E99DA}
16:22:24.0146 0x235c  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:22:24.0146 0x235c  Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0xE584, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
16:22:24.0162 0x235c  Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:22:24.0318 0x235c  Drive \Device\Harddisk3\DR3 - Size: 0xF0A000000 ( 60.16 Gb ), SectorSize: 0x200, Cylinders: 0x1EAC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:22:24.0322 0x235c  ============================================================
16:22:24.0322 0x235c  \Device\Harddisk0\DR0:
16:22:24.0322 0x235c  MBR partitions:
16:22:24.0322 0x235c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC805000
16:22:24.0322 0x235c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC805800, BlocksNum 0x19009800
16:22:24.0322 0x235c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2580F000, BlocksNum 0xC35F8800
16:22:24.0322 0x235c  \Device\Harddisk1\DR1:
16:22:24.0323 0x235c  MBR partitions:
16:22:24.0323 0x235c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:22:24.0323 0x235c  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
16:22:24.0323 0x235c  \Device\Harddisk2\DR2:
16:22:24.0323 0x235c  MBR partitions:
16:22:24.0323 0x235c  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC800000
16:22:24.0323 0x235c  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0xC800800, BlocksNum 0x19000000
16:22:24.0323 0x235c  \Device\Harddisk2\DR2\Partition3: MBR, Type 0x7, StartLBA 0x25800800, BlocksNum 0xC3607000
16:22:24.0323 0x235c  \Device\Harddisk3\DR3:
16:22:24.0323 0x235c  MBR partitions:
16:22:24.0324 0x235c  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x784E800
16:22:24.0324 0x235c  ============================================================
16:22:24.0325 0x235c  C: <-> \Device\Harddisk1\DR1\Partition2
16:22:24.0341 0x235c  E: <-> \Device\Harddisk0\DR0\Partition1
16:22:24.0370 0x235c  J: <-> \Device\Harddisk0\DR0\Partition2
16:22:24.0436 0x235c  K: <-> \Device\Harddisk0\DR0\Partition3
16:22:24.0442 0x235c  S: <-> \Device\Harddisk3\DR3\Partition1
16:22:24.0455 0x235c  D: <-> \Device\Harddisk2\DR2\Partition1
16:22:24.0473 0x235c  F: <-> \Device\Harddisk2\DR2\Partition2
16:22:24.0494 0x235c  G: <-> \Device\Harddisk2\DR2\Partition3
16:22:24.0494 0x235c  ============================================================
16:22:24.0495 0x235c  Initialize success
16:22:24.0495 0x235c  ============================================================
16:22:59.0851 0x0d60  ============================================================
16:22:59.0851 0x0d60  Scan started
16:22:59.0851 0x0d60  Mode: Manual; SigCheck; TDLFS; 
16:22:59.0851 0x0d60  ============================================================
16:22:59.0851 0x0d60  KSN ping started
16:23:02.0627 0x0d60  KSN ping finished: true
16:23:04.0342 0x0d60  ================ Scan system memory ========================
16:23:04.0342 0x0d60  System memory - ok
16:23:04.0343 0x0d60  ================ Scan services =============================
16:23:04.0385 0x0d60  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:23:04.0492 0x0d60  1394ohci - ok
16:23:04.0503 0x0d60  7ByteIo - ok
16:23:04.0508 0x0d60  [ 465BA0FED922BC2E5C97A95BC5AF1CDC, 1CAA8D65D87D8AEF5EE1BEC72339E42B8F6D0E050D070D15BB7D2C2B27BF6446 ] a2acc           C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
16:23:04.0532 0x0d60  a2acc - ok
16:23:04.0624 0x0d60  [ 133E9D8945F8ADAA60101902DB7467B3, 110941D28A68D59DBA18F4A6C4C4D44577C4F06202E2AC0E605BD7EBD3EA5446 ] a2AntiMalware   C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
16:23:04.0827 0x0d60  a2AntiMalware - ok
16:23:04.0837 0x0d60  [ D27A8B7BB0E15DFBFC6B4E774EE17AD9, CBAD45B3FFFD30C34AF918009F699B65F89043D0799FC25D2472381912F86F93 ] A2DDA           C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
16:23:04.0855 0x0d60  A2DDA - ok
16:23:04.0860 0x0d60  [ 05936579605018BD2BC528FF2C1AD95F, 763C2E76F9078F6A74D5BCCB4DD8A10C82AEB9C9F5A45C3706A587FA2D03E7D3 ] a2injectiondriver C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys
16:23:04.0878 0x0d60  a2injectiondriver - ok
16:23:04.0883 0x0d60  [ 0932B29AA1B9372FFE6D3AF8BA2ABA3A, 78312D140FB0383E797F715C9CFE53F25A60CB02A4466F6488B14E5558E609EC ] a2util          C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys
16:23:04.0899 0x0d60  a2util - ok
16:23:04.0913 0x0d60  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:23:04.0940 0x0d60  ACPI - ok
16:23:04.0945 0x0d60  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:23:04.0969 0x0d60  AcpiPmi - ok
16:23:04.0996 0x0d60  [ 2637233632CCD1837A1A57A43CAF00A4, 848026C6C9B38FD9F70BC7B2306BF4F5DD395726D4FDD6A18B29354921191DC5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:23:05.0019 0x0d60  AdobeFlashPlayerUpdateSvc - ok
16:23:05.0038 0x0d60  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:23:05.0085 0x0d60  adp94xx - ok
16:23:05.0100 0x0d60  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:23:05.0125 0x0d60  adpahci - ok
16:23:05.0135 0x0d60  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:23:05.0156 0x0d60  adpu320 - ok
16:23:05.0165 0x0d60  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:23:05.0213 0x0d60  AeLookupSvc - ok
16:23:05.0231 0x0d60  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
16:23:05.0270 0x0d60  AFD - ok
16:23:05.0276 0x0d60  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:23:05.0293 0x0d60  agp440 - ok
16:23:05.0299 0x0d60  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:23:05.0320 0x0d60  ALG - ok
16:23:05.0325 0x0d60  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:23:05.0340 0x0d60  aliide - ok
16:23:05.0351 0x0d60  [ 4C1E3649C89C7D542CD18ECC5210099D, 0D6CDA3E8E66DEFAA638A59B674D290035C3189C81C4C1EE4A359EC7918FA19A ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:23:05.0387 0x0d60  AMD External Events Utility - ok
16:23:05.0391 0x0d60  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:23:05.0403 0x0d60  amdide - ok
16:23:05.0408 0x0d60  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:23:05.0424 0x0d60  AmdK8 - ok
16:23:05.0683 0x0d60  [ A3C0A15B39F979E8F3EABA901D72ECD7, D8D5C89FC85498D37EB33C75AC22F3B1FCFDB564BB11DEE63460023BA860ACF6 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
16:23:06.0154 0x0d60  amdkmdag - ok
16:23:06.0184 0x0d60  [ 20F3CD38B107C1BD747C0EA37D450165, 7C166B084A5AF45926DED78A5E3DC378ED3F744D46DE154A0FD83B000D3F60C3 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
16:23:06.0224 0x0d60  amdkmdap - ok
16:23:06.0232 0x0d60  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
16:23:06.0252 0x0d60  AmdPPM - ok
16:23:06.0260 0x0d60  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:23:06.0279 0x0d60  amdsata - ok
16:23:06.0289 0x0d60  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:23:06.0311 0x0d60  amdsbs - ok
16:23:06.0317 0x0d60  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:23:06.0333 0x0d60  amdxata - ok
16:23:06.0340 0x0d60  [ 107AB19CC1D40B9D04537F6EEAAC34C9, 3EE00EFCBF80CD4470EAF90C39285B35749EC9CC5822B882379D3D40400E1815 ] APC Data Service C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
16:23:06.0361 0x0d60  APC Data Service - ok
16:23:06.0384 0x0d60  [ C7F8C8080B055B3DE9A8141DFD8E308A, E4BB4EA75B8DEF4D410CC0B9EABE487F9207057E76BB8FB30326135659E5241A ] APC UPS Service C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
16:23:06.0440 0x0d60  APC UPS Service - ok
16:23:06.0447 0x0d60  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
16:23:06.0486 0x0d60  AppID - ok
16:23:06.0490 0x0d60  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:23:06.0529 0x0d60  AppIDSvc - ok
16:23:06.0533 0x0d60  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
16:23:06.0551 0x0d60  Appinfo - ok
16:23:06.0559 0x0d60  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
16:23:06.0580 0x0d60  AppMgmt - ok
16:23:06.0585 0x0d60  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
16:23:06.0599 0x0d60  arc - ok
16:23:06.0605 0x0d60  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:23:06.0622 0x0d60  arcsas - ok
16:23:06.0636 0x0d60  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:23:06.0654 0x0d60  aspnet_state - ok
16:23:06.0658 0x0d60  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:23:06.0694 0x0d60  AsyncMac - ok
16:23:06.0698 0x0d60  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:23:06.0711 0x0d60  atapi - ok
16:23:06.0718 0x0d60  [ 2B3B05C0A7768BF033217EB8F33F9C35, F7B13158440CAE46EC93F29BA47A960194A5A2AD71B5BF628AF4661CEE096402 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
16:23:06.0733 0x0d60  AtiHDAudioService - ok
16:23:06.0752 0x0d60  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:23:06.0808 0x0d60  AudioEndpointBuilder - ok
16:23:06.0826 0x0d60  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:23:06.0878 0x0d60  AudioSrv - ok
16:23:06.0901 0x0d60  [ E058520EEE9DAC4613D846596FF82D92, 0291075CA16ACB79F4989DE44D381F5742A2A3601F22C3600AE236D864E3370E ] avc3            C:\Windows\system32\DRIVERS\avc3.sys
16:23:06.0935 0x0d60  avc3 - ok
16:23:06.0945 0x0d60  [ 3B9549FEF98AB1768A1D6A919F355B70, 0014914051CB54CD7CC25561D29099A19DCFB2E1810FF635F9B6AD3D9C6FBC4B ] avchv           C:\Windows\system32\DRIVERS\avchv.sys
16:23:06.0966 0x0d60  avchv - ok
16:23:06.0986 0x0d60  [ 62C4DB41DAEA0FC1F5CB103B023D1068, 8C04FDF08CB487A775C8970527AE8115D9CE538781C607F703EE49674C63BA56 ] avckf           C:\Windows\system32\DRIVERS\avckf.sys
16:23:07.0023 0x0d60  avckf - ok
16:23:07.0029 0x0d60  [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject        C:\Windows\system32\drivers\avmeject.sys
16:23:07.0046 0x0d60  avmeject - ok
16:23:07.0054 0x0d60  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:23:07.0082 0x0d60  AxInstSV - ok
16:23:07.0100 0x0d60  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:23:07.0137 0x0d60  b06bdrv - ok
16:23:07.0150 0x0d60  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:23:07.0178 0x0d60  b57nd60a - ok
16:23:07.0195 0x0d60  [ 6618F3780323393458130C1BEA90AFEC, 78084BB9C5797C99EA693AC7E51E44D05C55BD99745AAFD3FC7A62CF86FF2AC2 ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe
16:23:07.0215 0x0d60  BdDesktopParental - ok
16:23:07.0223 0x0d60  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:23:07.0244 0x0d60  BDESVC - ok
16:23:07.0252 0x0d60  [ 3FAFE12C5D1D4D5F3567E7A0A2F15A7C, B77455872683563C12963E1D8FC349FB33B048D615FD299571A2DCF1598C0A9F ] BdfNdisf        c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
16:23:07.0272 0x0d60  BdfNdisf - ok
16:23:07.0279 0x0d60  [ 4CE4B0098FC315C237FA8867F07886C4, 475B2D86EE7658372D868ABC9ACA965FDD8212D3AE2C6E4749DC53DBA3DC19D6 ] bdfwfpf         C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
16:23:07.0298 0x0d60  bdfwfpf - ok
16:23:07.0305 0x0d60  [ 5B9DECBB17E58AB7C3A41EEF6B216768, EBBEB7E48308F7C6D52DC232345C4C52DA079F0441B3F7139080BA28A7F5AE0D ] BDSandBox       C:\Windows\system32\drivers\bdsandbox.sys
16:23:07.0324 0x0d60  BDSandBox - ok
16:23:07.0328 0x0d60  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:23:07.0374 0x0d60  Beep - ok
16:23:07.0398 0x0d60  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:23:07.0443 0x0d60  BFE - ok
16:23:07.0472 0x0d60  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:23:07.0550 0x0d60  BITS - ok
16:23:07.0557 0x0d60  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:23:07.0577 0x0d60  blbdrive - ok
16:23:07.0586 0x0d60  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:23:07.0609 0x0d60  bowser - ok
16:23:07.0614 0x0d60  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:23:07.0639 0x0d60  BrFiltLo - ok
16:23:07.0645 0x0d60  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:23:07.0669 0x0d60  BrFiltUp - ok
16:23:07.0678 0x0d60  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:23:07.0703 0x0d60  Browser - ok
16:23:12.0743 0x0d60  [ B9857625DF8B539ABCB90E15B5716568, 99393C74D6C5BB1D3B7399C628DEF47641563A3A1118988597091B0735805F06 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
16:23:13.0073 0x0d60  igfx - detected UnsignedFile.Multi.Generic ( 1 )
16:23:15.0482 0x0d60  Detect skipped due to KSN trusted
16:23:15.0484 0x0d60  igfx - ok
16:23:15.0854 0x0d60  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
16:23:15.0872 0x0d60  IntcDAud - detected UnsignedFile.Multi.Generic ( 1 )
16:23:18.0366 0x0d60  Detect skipped due to KSN trusted
16:23:18.0367 0x0d60  IntcDAud - ok
16:23:20.0588 0x0d60  mshidkmdf - ok
16:23:20.0593 0x0d60  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:23:20.0608 0x0d60  msisadrv - ok
16:23:20.0617 0x0d60  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:23:20.0669 0x0d60  MSiSCSI - ok
16:23:20.0673 0x0d60  msiserver - ok
16:23:20.0678 0x0d60  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:23:20.0723 0x0d60  MSKSSRV - ok
16:23:20.0728 0x0d60  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:23:20.0773 0x0d60  MSPCLOCK - ok
16:23:20.0777 0x0d60  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:23:20.0823 0x0d60  MSPQM - ok
16:23:20.0838 0x0d60  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:23:20.0865 0x0d60  MsRPC - ok
16:23:20.0872 0x0d60  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:23:20.0888 0x0d60  mssmbios - ok
16:23:20.0893 0x0d60  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:23:20.0938 0x0d60  MSTEE - ok
16:23:20.0943 0x0d60  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:23:20.0962 0x0d60  MTConfig - ok
16:23:20.0968 0x0d60  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:23:20.0984 0x0d60  Mup - ok
16:23:20.0999 0x0d60  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:23:21.0048 0x0d60  napagent - ok
16:23:21.0059 0x0d60  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:23:21.0088 0x0d60  NativeWifiP - ok
16:23:21.0093 0x0d60  [ DACA803A8D732FE5EEAA024EC342F81D, 2DDEA48CD417EDD657D487BADA7C31C05F35DA328AAC5AA63A99FDFD44F2BF02 ] NBVol           C:\Windows\system32\DRIVERS\NBVol.sys
16:23:21.0108 0x0d60  NBVol - ok
16:23:21.0114 0x0d60  [ 6208F622E9E35860DFB0753DFF56F0C0, AF7730B4AB642E0E45C05AE1429C7B3D90B0889CF94B21AC7869790D4DB6FDBE ] NBVolUp         C:\Windows\system32\DRIVERS\NBVolUp.sys
16:23:21.0126 0x0d60  NBVolUp - ok
16:23:21.0151 0x0d60  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:23:21.0188 0x0d60  NDIS - ok
16:23:21.0193 0x0d60  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:23:21.0229 0x0d60  NdisCap - ok
16:23:21.0233 0x0d60  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:23:21.0269 0x0d60  NdisTapi - ok
16:23:21.0273 0x0d60  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:23:21.0309 0x0d60  Ndisuio - ok
16:23:21.0316 0x0d60  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:23:21.0354 0x0d60  NdisWan - ok
16:23:21.0359 0x0d60  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:23:21.0398 0x0d60  NDProxy - ok
16:23:21.0404 0x0d60  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:23:21.0450 0x0d60  NetBIOS - ok
16:23:21.0462 0x0d60  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:23:21.0518 0x0d60  NetBT - ok
16:23:21.0523 0x0d60  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
16:23:21.0542 0x0d60  Netlogon - ok
16:23:21.0556 0x0d60  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:23:21.0616 0x0d60  Netman - ok
16:23:21.0624 0x0d60  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:23:21.0648 0x0d60  NetMsmqActivator - ok
16:23:21.0655 0x0d60  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:23:21.0676 0x0d60  NetPipeActivator - ok
16:23:21.0695 0x0d60  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:23:21.0760 0x0d60  netprofm - ok
16:23:21.0768 0x0d60  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:23:21.0789 0x0d60  NetTcpActivator - ok
16:23:21.0796 0x0d60  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:23:21.0817 0x0d60  NetTcpPortSharing - ok
16:23:21.0823 0x0d60  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:23:21.0840 0x0d60  nfrd960 - ok
16:23:21.0853 0x0d60  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:23:21.0883 0x0d60  NlaSvc - ok
16:23:21.0889 0x0d60  [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF             C:\Windows\system32\drivers\npf.sys
16:23:21.0907 0x0d60  NPF - ok
16:23:21.0913 0x0d60  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:23:21.0960 0x0d60  Npfs - ok
16:23:21.0985 0x0d60  [ 49697C2C761ACB5C0DE99CC8FE93E95B, 02EEA7FB21D28B235A05FE0A6061170F366470EF6E45C9B21D7C8C0E7C728FC5 ] NPF_devolo      C:\Windows\sysWOW64\drivers\npf_devolo.sys
16:23:21.0999 0x0d60  NPF_devolo - ok
16:23:22.0004 0x0d60  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:23:22.0040 0x0d60  nsi - ok
16:23:22.0043 0x0d60  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:23:22.0079 0x0d60  nsiproxy - ok
16:23:22.0121 0x0d60  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:23:22.0177 0x0d60  Ntfs - ok
16:23:22.0182 0x0d60  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:23:22.0227 0x0d60  Null - ok
16:23:22.0236 0x0d60  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:23:22.0256 0x0d60  nvraid - ok
16:23:22.0265 0x0d60  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:23:22.0286 0x0d60  nvstor - ok
16:23:22.0294 0x0d60  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:23:22.0313 0x0d60  nv_agp - ok
16:23:22.0331 0x0d60  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:23:22.0360 0x0d60  odserv - ok
16:23:22.0368 0x0d60  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:23:22.0389 0x0d60  ohci1394 - ok
16:23:22.0397 0x0d60  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:23:22.0415 0x0d60  ose - ok
16:23:22.0432 0x0d60  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:23:22.0462 0x0d60  p2pimsvc - ok
16:23:22.0480 0x0d60  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:23:22.0517 0x0d60  p2psvc - ok
16:23:22.0524 0x0d60  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
16:23:22.0546 0x0d60  Parport - ok
16:23:22.0553 0x0d60  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:23:22.0570 0x0d60  partmgr - ok
16:23:22.0579 0x0d60  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:23:22.0611 0x0d60  PcaSvc - ok
16:23:22.0617 0x0d60  [ 81B5E63131090879AD6EF9F32109B88D, 581680BFE9B2BACBD5E55D807EFB17C69488AE3F5C61358B0955E1494FD3514E ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
16:23:22.0637 0x0d60  pccsmcfd - ok
16:23:22.0646 0x0d60  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:23:22.0667 0x0d60  pci - ok
16:23:22.0671 0x0d60  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:23:22.0687 0x0d60  pciide - ok
16:23:22.0697 0x0d60  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:23:22.0720 0x0d60  pcmcia - ok
16:23:22.0726 0x0d60  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:23:22.0742 0x0d60  pcw - ok
16:23:22.0784 0x0d60  [ A1688A4FB2EC49D040C027EF6DC7A87B, E5F5768D189B590F4D8D20C13FC0F7FF5AC7C4729848F38A93D653AB0B740696 ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
16:23:22.0887 0x0d60  PDF Architect Helper Service - ok
16:23:22.0915 0x0d60  [ E23FF9B2F8EEAB2BDDA681C21C48E843, 2D0072C2EFFD5278D0211438FA9A29CF394F01857273A53B09A629977C024B30 ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
16:23:22.0986 0x0d60  PDF Architect Service - ok
16:23:22.0994 0x0d60  [ 2CB452340166478BD3A9E1B990A8E32C, 12B41308C82CA2644D1504DB965EECB91DFE0C00251565C29079C5F703070B73 ] PdiService      C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
16:23:23.0020 0x0d60  PdiService - ok
16:23:23.0038 0x0d60  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:23:23.0092 0x0d60  PEAUTH - ok
16:23:23.0127 0x0d60  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
16:23:23.0182 0x0d60  PeerDistSvc - ok
16:23:23.0191 0x0d60  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:23:23.0212 0x0d60  PerfHost - ok
16:23:23.0261 0x0d60  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:23:23.0361 0x0d60  pla - ok
16:23:23.0379 0x0d60  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:23:23.0414 0x0d60  PlugPlay - ok
16:23:23.0419 0x0d60  PnkBstrA - ok
16:23:23.0425 0x0d60  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:23:23.0444 0x0d60  PNRPAutoReg - ok
16:23:23.0457 0x0d60  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:23:23.0486 0x0d60  PNRPsvc - ok
16:23:23.0508 0x0d60  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:23:23.0571 0x0d60  PolicyAgent - ok
16:23:23.0582 0x0d60  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:23:23.0635 0x0d60  Power - ok
16:23:23.0643 0x0d60  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:23:23.0692 0x0d60  PptpMiniport - ok
16:23:23.0698 0x0d60  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
16:23:23.0719 0x0d60  Processor - ok
16:23:23.0729 0x0d60  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:23:23.0756 0x0d60  ProfSvc - ok
16:23:23.0761 0x0d60  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:23:23.0779 0x0d60  ProtectedStorage - ok
16:23:23.0786 0x0d60  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:23:23.0823 0x0d60  Psched - ok
16:23:23.0861 0x0d60  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:23:23.0912 0x0d60  ql2300 - ok
16:23:23.0919 0x0d60  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:23:23.0934 0x0d60  ql40xx - ok
16:23:23.0943 0x0d60  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:23:23.0970 0x0d60  QWAVE - ok
16:23:23.0974 0x0d60  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:23:23.0997 0x0d60  QWAVEdrv - ok
16:23:24.0002 0x0d60  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:23:24.0048 0x0d60  RasAcd - ok
16:23:24.0054 0x0d60  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:23:24.0101 0x0d60  RasAgileVpn - ok
16:23:24.0108 0x0d60  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:23:24.0159 0x0d60  RasAuto - ok
16:23:24.0167 0x0d60  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:23:24.0215 0x0d60  Rasl2tp - ok
16:23:24.0230 0x0d60  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:23:24.0288 0x0d60  RasMan - ok
16:23:24.0295 0x0d60  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:23:24.0345 0x0d60  RasPppoe - ok
16:23:24.0352 0x0d60  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:23:24.0401 0x0d60  RasSstp - ok
16:23:24.0414 0x0d60  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:23:24.0470 0x0d60  rdbss - ok
16:23:24.0476 0x0d60  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:23:24.0498 0x0d60  rdpbus - ok
16:23:24.0503 0x0d60  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:23:24.0548 0x0d60  RDPCDD - ok
16:23:24.0559 0x0d60  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
16:23:24.0584 0x0d60  RDPDR - ok
16:23:24.0588 0x0d60  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:23:24.0634 0x0d60  RDPENCDD - ok
16:23:24.0641 0x0d60  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:23:24.0688 0x0d60  RDPREFMP - ok
16:23:24.0695 0x0d60  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:23:24.0716 0x0d60  RdpVideoMiniport - ok
16:23:24.0726 0x0d60  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:23:24.0752 0x0d60  RDPWD - ok
16:23:24.0762 0x0d60  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:23:24.0785 0x0d60  rdyboost - ok
16:23:24.0792 0x0d60  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:23:24.0842 0x0d60  RemoteAccess - ok
16:23:24.0851 0x0d60  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:23:24.0904 0x0d60  RemoteRegistry - ok
16:23:24.0912 0x0d60  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
16:23:24.0940 0x0d60  RFCOMM - ok
16:23:24.0948 0x0d60  [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
16:23:24.0994 0x0d60  rpcapd - ok
16:23:25.0000 0x0d60  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:23:25.0037 0x0d60  RpcEptMapper - ok
16:23:25.0041 0x0d60  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:23:25.0056 0x0d60  RpcLocator - ok
16:23:25.0071 0x0d60  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:23:25.0119 0x0d60  RpcSs - ok
16:23:25.0125 0x0d60  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:23:25.0162 0x0d60  rspndr - ok
16:23:25.0171 0x0d60  [ C20F64FCD5E2B40310A1774495877ACD, 459E337266EE510E67C5065D2CFDA6804BA5BAF82A4B6E43E80238C86269770D ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
16:23:25.0191 0x0d60  RTHDMIAzAudService - ok
16:23:25.0212 0x0d60  [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
16:23:25.0246 0x0d60  RTL8167 - ok
16:23:25.0278 0x0d60  [ 7461D3DA1AABB5F703504E958455A900, B77D36E095A476A8191C1771539F20529F82CACF3C945BF55D64C39EEF09D0EA ] RTL8192cu       C:\Windows\system32\DRIVERS\RTL8192cu.sys
16:23:25.0324 0x0d60  RTL8192cu - ok
16:23:25.0342 0x0d60  [ 45F606823EAA469582318C722C76A29D, 1016FBE111638AE369F7C5FF6CA33178FD6CB06D361F3B488DE6C4D85A22253A ] RUBotSrv        C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe
16:23:25.0387 0x0d60  RUBotSrv - ok
16:23:25.0392 0x0d60  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
16:23:25.0410 0x0d60  s3cap - ok
16:23:25.0416 0x0d60  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
16:23:25.0435 0x0d60  SamSs - ok
16:23:25.0447 0x0d60  [ E20128053F3F4641A2627ECFA7149ECA, CE5620BC170E76E53FEDCCEE12BBFBEE7C67B96E53E5D9C63FA7773C36699DC6 ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
16:23:25.0472 0x0d60  SbieDrv - ok
16:23:25.0483 0x0d60  [ 0FA1025D7AC725EEA5EA3076965EEA6B, 80AFCFD77BCE07F34C1276F5F416A156ABB9FEDC2AAF7AE68CEA500A4468D125 ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
16:23:25.0507 0x0d60  SbieSvc - ok
16:23:25.0515 0x0d60  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:23:25.0533 0x0d60  sbp2port - ok
16:23:25.0543 0x0d60  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:23:25.0597 0x0d60  SCardSvr - ok
16:23:25.0602 0x0d60  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:23:25.0648 0x0d60  scfilter - ok
16:23:25.0684 0x0d60  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:23:25.0773 0x0d60  Schedule - ok
16:23:25.0781 0x0d60  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:23:25.0816 0x0d60  SCPolicySvc - ok
16:23:25.0824 0x0d60  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:23:25.0844 0x0d60  SDRSVC - ok
16:23:25.0938 0x0d60  [ 98EF79CC2B07398AC525F9EA1AE0366F, D0D5D69696ED339F363024AF3271867F4C55572C67FD0F2AA27D24B37982E39A ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
16:23:26.0087 0x0d60  SDScannerService - ok
16:23:26.0117 0x0d60  [ 14BF6B3AB327D519ED007CDDC56F6900, 4E5DC4AF45347C885E0E87F205EE1F95BB4713A0B581CD7317FBEEE2A9628982 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
16:23:26.0168 0x0d60  SDUpdateService - ok
16:23:26.0176 0x0d60  [ 820EBE67AB99F033FDE25B2692157991, A9E86FE6EFD3CFD4EA1A26121C706335A6791CC6F81EE98AE2BE7EA566ECFEBB ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
16:23:26.0209 0x0d60  SDWSCService - ok
16:23:26.0214 0x0d60  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:23:26.0260 0x0d60  secdrv - ok
16:23:26.0266 0x0d60  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:23:26.0311 0x0d60  seclogon - ok
16:23:26.0317 0x0d60  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:23:26.0366 0x0d60  SENS - ok
16:23:26.0371 0x0d60  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:23:26.0391 0x0d60  SensrSvc - ok
16:23:26.0398 0x0d60  [ 9F6490423AC3271E84A90A0DD9D30A3B, 7F8559B06A2E8FC35F71A099F320A87BB90FC9783133C19F49046F06ECBC9605 ] Ser2pl          C:\Windows\system32\DRIVERS\ser2pl64.sys
16:23:26.0422 0x0d60  Ser2pl - ok
16:23:26.0427 0x0d60  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:23:26.0446 0x0d60  Serenum - ok
16:23:26.0452 0x0d60  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:23:26.0474 0x0d60  Serial - ok
16:23:26.0479 0x0d60  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:23:26.0498 0x0d60  sermouse - ok
16:23:26.0515 0x0d60  [ 9D38320BB32230349379DF5DDBBF7FCE, 8AAA8B0B60E65F596C3276DCCD0D8146B40172B6D509B597EDFDA46AC8A72A4C ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
16:23:26.0558 0x0d60  ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 )
16:23:36.0727 0x0d60  ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
16:23:42.0104 0x0d60  SSDPSRV - ok
16:23:42.0109 0x0d60  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:23:42.0147 0x0d60  SstpSvc - ok
16:23:42.0163 0x0d60  [ 54BF0E8619D58271851670649764AA92, A5BFBEE4CF37C43755B7727616FD2E2FEEF8F2DF59D80A5C2B15745B0B92A652 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:23:42.0200 0x0d60  Steam Client Service - ok
16:23:42.0206 0x0d60  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:23:42.0222 0x0d60  stexstor - ok
16:23:42.0245 0x0d60  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:23:42.0292 0x0d60  stisvc - ok
16:23:42.0298 0x0d60  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
16:23:42.0314 0x0d60  storflt - ok
16:23:42.0319 0x0d60  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
16:23:42.0339 0x0d60  StorSvc - ok
16:23:42.0344 0x0d60  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
16:23:42.0360 0x0d60  storvsc - ok
16:23:42.0365 0x0d60  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:23:42.0380 0x0d60  swenum - ok
16:23:42.0399 0x0d60  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:23:42.0466 0x0d60  swprv - ok
16:23:42.0521 0x0d60  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
16:23:42.0613 0x0d60  SysMain - ok
16:23:42.0622 0x0d60  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:23:42.0651 0x0d60  TabletInputService - ok
16:23:42.0656 0x0d60  [ D0B07EED9DDEC5C69521C689B7BF455F, A9F1C76FBF833E25A8470116A9BB7F7121A86138B31B54C098F1E22C11109044 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
16:23:42.0675 0x0d60  tap0901 - detected UnsignedFile.Multi.Generic ( 1 )
16:23:45.0086 0x0d60  Detect skipped due to KSN trusted
16:23:45.0086 0x0d60  tap0901 - ok
16:23:49.0014 0x0d60  ================ Scan global ===============================
16:23:49.0018 0x0d60  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:23:49.0027 0x0d60  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:23:49.0040 0x0d60  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:23:49.0049 0x0d60  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:23:49.0060 0x0d60  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:23:49.0069 0x0d60  [ Global ] - ok
16:23:49.0069 0x0d60  ================ Scan MBR ==================================
16:23:49.0080 0x0d60  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:23:49.0346 0x0d60  \Device\Harddisk0\DR0 - ok
16:23:49.0349 0x0d60  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
16:23:49.0506 0x0d60  \Device\Harddisk1\DR1 - ok
16:23:49.0509 0x0d60  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
16:23:49.0561 0x0d60  \Device\Harddisk2\DR2 - ok
16:23:49.0565 0x0d60  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3
16:23:49.0634 0x0d60  \Device\Harddisk3\DR3 - ok
16:23:49.0635 0x0d60  ================ Scan VBR ==================================
16:23:49.0637 0x0d60  [ D3CF3A81B377E81931682D9E9583082F ] \Device\Harddisk0\DR0\Partition1
16:23:49.0685 0x0d60  \Device\Harddisk0\DR0\Partition1 - ok
16:23:49.0689 0x0d60  [ C07EA9668676E1F1B2EA478B370ADF61 ] \Device\Harddisk0\DR0\Partition2
16:23:49.0765 0x0d60  \Device\Harddisk0\DR0\Partition2 - ok
16:23:49.0768 0x0d60  [ 3CAF7F5BF6C36FDF74ADB00C8C45B806 ] \Device\Harddisk0\DR0\Partition3
16:23:49.0837 0x0d60  \Device\Harddisk0\DR0\Partition3 - ok
16:23:49.0841 0x0d60  [ B3487FAA88D9E349ABF8E0BFE1986EC7 ] \Device\Harddisk1\DR1\Partition1
16:23:49.0842 0x0d60  \Device\Harddisk1\DR1\Partition1 - ok
16:23:49.0845 0x0d60  [ 0BDB8166EB19F40BCB7BCC26E29D4499 ] \Device\Harddisk1\DR1\Partition2
16:23:49.0847 0x0d60  \Device\Harddisk1\DR1\Partition2 - ok
16:23:49.0850 0x0d60  [ BF0270876A60E489A549E9BFFCDBF9B7 ] \Device\Harddisk2\DR2\Partition1
16:23:49.0922 0x0d60  \Device\Harddisk2\DR2\Partition1 - ok
16:23:49.0925 0x0d60  [ 9743027B178CAD77082322EE0770FE65 ] \Device\Harddisk2\DR2\Partition2
16:23:49.0977 0x0d60  \Device\Harddisk2\DR2\Partition2 - ok
16:23:49.0980 0x0d60  [ 09CF54C5E5DE6986D6FF36AAEDA44317 ] \Device\Harddisk2\DR2\Partition3
16:23:50.0037 0x0d60  \Device\Harddisk2\DR2\Partition3 - ok
16:23:50.0041 0x0d60  [ B4D1532C242756B1412071141FA437FE ] \Device\Harddisk3\DR3\Partition1
16:23:50.0043 0x0d60  \Device\Harddisk3\DR3\Partition1 - ok
16:23:50.0044 0x0d60  ================ Scan generic autorun ======================
16:23:51.0350 0x0d60  [ 68B741770130B3621CAC647C06A6606E, 4D7A4DAC7C8638E10EF93563E526DE6023B092B8882FEBD6FE254711570D257C ] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
16:23:51.0449 0x0d60  KeePass 2 PreLoad - detected UnsignedFile.Multi.Generic ( 1 )
16:23:53.0866 0x0d60  Detect skipped due to KSN trusted
16:23:53.0866 0x0d60  KeePass 2 PreLoad - ok
16:23:53.0874 0x0d60  [ E350385CF8113BE4A1D5ABEFC2B0F04C, CCE22F609274A1782F9EA563E5841786AAD142C246698648A8710C113073BFC1 ] C:\Program Files (x86)\EMET 4.1\EMET_agent.exe
16:23:53.0898 0x0d60  EMET 4.1 Agent - ok
16:23:53.0927 0x0d60  [ CB454FBAB5376D13813C9235E87F1EAD, AFF6F58EDC228F4217A528D951FA5DA317A00D44D1B57841E855D728725F2852 ] C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
16:23:53.0995 0x0d60  AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
16:23:56.0401 0x0d60  Detect skipped due to KSN trusted
16:23:56.0401 0x0d60  AVMWlanClient - ok
16:23:57.0063 0x0d60  [ 35CCA77EC41E19466AAAD94DD2559578, ED5871CF78152522F5E262CE7869136ACEDD62FD2EE3DEBBF0C0AA7A3F051E94 ] C:\Program Files (x86)\Klebezettel NG\klebez.exe
16:23:57.0429 0x0d60  Klebezettel NG - detected UnsignedFile.Multi.Generic ( 1 )
16:23:59.0858 0x0d60  Detect skipped due to KSN trusted
16:23:59.0858 0x0d60  Klebezettel NG - ok
16:23:59.0884 0x0d60  [ 27D60574D2277B771930F871C83F4BEA, 90306556A2ABE5760D69F4B55C9A7423CABB5721A2CB7F624D461C0033DAB67F ] C:\Program Files\Sandboxie\SbieCtrl.exe
16:23:59.0922 0x0d60  SandboxieControl - ok
16:23:59.0924 0x0d60  Waiting for KSN requests completion. In queue: 9
16:24:00.0924 0x0d60  Waiting for KSN requests completion. In queue: 9
16:24:01.0924 0x0d60  Waiting for KSN requests completion. In queue: 9
16:24:02.0948 0x0d60  AV detected via SS2: Bitdefender Virenschutz, C:\Program Files\Bitdefender\Bitdefender 2013\wscfix.exe ( 16.34.0.1909 ), 0x41000 ( enabled : updated )
16:24:02.0950 0x0d60  FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender 2013\wscfix.exe ( 16.34.0.1909 ), 0x40010 ( disabled )
16:24:02.0958 0x0d60  Win FW state via NFP2: disabled
16:24:05.0333 0x0d60  ============================================================
16:24:05.0333 0x0d60  Scan finished
16:24:05.0333 0x0d60  ============================================================
16:24:05.0345 0x1ebc  Detected object count: 1
16:24:05.0345 0x1ebc  Actual detected object count: 1
16:24:33.0434 0x1ebc  ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:33.0434 0x1ebc  ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
P.S. By the way, it only classified the finding as a suspicious object and not clearly as malware; I'm curious how you assess that...

Edited by nickcave (01.11.2014 at 15:39)

02.11.2014, 07:05   #4
schrauber
/// the machine
/// TB instructor

Looks good so far. Go ahead and run a full scan with Hitman.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No support via PM!

02.11.2014, 08:45   #5
nickcave

Morning,

yesterday, before your reply, I had Bitdefender run a system scan once more, and this time the program found something:

1. Gen:Variant.Application.Bundler.Amonetize.14; 1x in a program called MDB Repair, a freeware tool that can be used to repair Access databases; 5x files in $Recycle.bin are shown (= presumably the recycle bin, if I'm not mistaken)

2. W97M.Herashel.E, all files (6x) in Recycle.bin

I haven't given Bitdefender any instructions yet, so no delete order so far. Should I do that? If so, should I then post a log file (where do I find it?).
I'll wait for instructions from you first before I possibly "throw in" the Hitman scan afterwards...

P.S. By the way, neither finding is on the system drive, in case that's of interest.

Edited by nickcave (02.11.2014 at 08:54)

02.11.2014, 17:04   #6
schrauber
/// the machine
/// TB instructor

Just empty the recycle bin; the detection in the tool appears to be a false alarm.

03.11.2014, 12:30   #7
nickcave

Okay, I emptied the recycle bin and, to be safe, moved the program identified by Bitdefender (MDB Repair) into quarantine, because I don't need the program anyway.

After that I ran Hitman; nothing found.

What next? The HitmanAlert message when opening Firefox is still showing up...

Regards

Correction: The message, which last night still appeared at every Firefox start, is now suddenly gone. That underlines that it is probably a mistaken message from the program.

Question: Given this malfunction and the time I have spent on it, I naturally ask myself now whether this tool makes any sense at all or whether I should just throw it out right away. What do you think? Do you have any experience regarding the sense or nonsense of Hitman Alert?

03.11.2014, 21:32   #8
schrauber
/// the machine
/// TB instructor

Never used it myself, and not a fan of Hitman.
__________________
Regards,
schrauber

03.11.2014, 22:05   #9
nickcave

All right.

Thank you for your help

04.11.2014, 10:35   #10
schrauber
/// the machine
/// TB instructor

You're welcome
__________________
Regards,
schrauber
